Vulnerabilities > Elog Project > Elog > 1.3.5

DATE CVE VULNERABILITY TITLE RISK
2019-12-17 CVE-2019-3996 Externally Controlled Reference to a Resource in Another Sphere vulnerability in multiple products
ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy when unauthenticated remote attackers send crafted HTTP POST requests.
network
low complexity
elog-project fedoraproject CWE-610
6.5
6.5
2019-12-17 CVE-2019-3995 NULL Pointer Dereference vulnerability in multiple products
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a NULL pointer dereference.
network
low complexity
elog-project fedoraproject CWE-476
7.5
7.5
2019-12-17 CVE-2019-3994 Use After Free vulnerability in multiple products
ELOG 3.1.4-57bea22 and below is affected by a denial of service vulnerability due to a use after free.
network
low complexity
elog-project fedoraproject CWE-416
7.5
7.5
2019-12-17 CVE-2019-3993 Cleartext Transmission of Sensitive Information vulnerability in multiple products
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability.
network
low complexity
elog-project fedoraproject CWE-319
7.5
7.5
2019-12-17 CVE-2019-3992 Cleartext Transmission of Sensitive Information vulnerability in multiple products
ELOG 3.1.4-57bea22 and below is affected by an information disclosure vulnerability.
network
low complexity
elog-project fedoraproject CWE-319
7.5
7.5