Vulnerabilities > Duraspace > Dspace

DATE CVE VULNERABILITY TITLE RISK
2022-08-01 CVE-2022-31190 Incorrect Authorization vulnerability in Duraspace Dspace
DSpace open source software is a repository application which provides durable access to digital resources.
network
low complexity
duraspace CWE-863
5.3
5.3
2021-10-29 CVE-2021-41189 Incorrect Authorization vulnerability in Duraspace Dspace 7.0
DSpace is an open source turnkey repository application.
network
low complexity
duraspace CWE-863
critical
 9.0
9.0
2018-07-10 CVE-2016-10726 Path Traversal vulnerability in Duraspace Dspace
The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI.
network
low complexity
duraspace CWE-22
5.0
5.0