Vulnerabilities > Elog Project

DATE CVE VULNERABILITY TITLE RISK
2019-12-17 CVE-2019-3996 Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products
ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.
network
low complexity
elog-project fedoraproject CWE-610
6.5
2019-12-17 CVE-2019-3995 NULL Pointer Dereference vulnerability in multiple products
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference.
network
low complexity
elog-project fedoraproject CWE-476
7.5
2019-12-17 CVE-2019-3994 Use After Free vulnerability in multiple products
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free.
network
low complexity
elog-project fedoraproject CWE-416
7.5
2019-12-17 CVE-2019-3993 Cleartext Transmission of Sensitive Information vulnerability in multiple products
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability.
network
low complexity
elog-project fedoraproject CWE-319
7.5
2019-12-17 CVE-2019-3992 Cleartext Transmission of Sensitive Information vulnerability in multiple products
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability.
network
low complexity
elog-project fedoraproject CWE-319
7.5
2017-06-27 CVE-2016-6342 Improper Access Control vulnerability in multiple products
elog 3.1.1 allows remote attackers to post data as any username in the logbook.
network
low complexity
fedoraproject elog-project CWE-284
7.5