Vulnerabilities > Etherpad > Etherpad > 1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-12-09 | CVE-2021-43802 | Unspecified vulnerability in Etherpad Etherpad is a real-time collaborative editor. | 8.8 |
| 2021-04-28 | CVE-2020-22782 | Unspecified vulnerability in Etherpad Etherpad < 1.8.3 is affected by a denial of service in the import functionality. | 5.0 |
| 2021-04-28 | CVE-2020-22785 | Allocation of Resources Without Limits or Throttling vulnerability in Etherpad Etherpad < 1.8.3 is affected by a missing lock check which could cause a denial of service. | 5.0 |
| 2021-04-28 | CVE-2020-22783 | Cleartext Storage of Sensitive Information vulnerability in Etherpad Etherpad <1.8.3 stored passwords used by users insecurely in the database and in log files. | 4.0 |
| 2021-04-28 | CVE-2020-22781 | SQL Injection vulnerability in Etherpad In Etherpad < 1.8.3, a specially crafted URI would raise an unhandled exception in the cache mechanism and cause a denial of service (crash the instance). | 5.0 |
| 2018-02-08 | CVE-2018-6835 | Improper Input Validation vulnerability in Etherpad node/hooks/express/apicalls.js in Etherpad Lite before v1.6.3 mishandles JSONP, which allows remote attackers to bypass intended access restrictions. | 7.5 |
| 2017-09-07 | CVE-2015-4085 | Path Traversal vulnerability in Etherpad Directory traversal vulnerability in node/hooks/express/tests.js in Etherpad frontend tests before 1.6.1. | 5.0 |