Vulnerabilities > Evernote > Evernote > 7.3.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-30 | CVE-2019-17051 | Improper Input Validation vulnerability in Evernote Evernote before 7.13 GA on macOS allows code execution because the com.apple.quarantine attribute is not used for attachment files, as demonstrated by a one-click attack involving a drag-and-drop operation on a crafted Terminal file. | 6.8 |
| 2018-12-11 | CVE-2018-20058 | Path Traversal vulnerability in Evernote In Evernote before 7.6 on macOS, there is a local file path traversal issue in attachment previewing, aka MACOSNOTE-28634. | 5.0 |