Vulnerabilities > Fit2Cloud > Jumpserver > 3.10.6

DATE CVE VULNERABILITY TITLE RISK
2024-07-18 CVE-2024-40628 Path Traversal vulnerability in Fit2Cloud Jumpserver
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser.
network
low complexity
fit2cloud CWE-22
critical
9.1
2024-07-18 CVE-2024-40629 Path Traversal vulnerability in Fit2Cloud Jumpserver
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser.
network
low complexity
fit2cloud CWE-22
critical
9.8
2024-03-29 CVE-2024-29201 Code Injection vulnerability in Fit2Cloud Jumpserver
JumpServer is an open source bastion host and an operation and maintenance security audit system.
network
low complexity
fit2cloud CWE-94
critical
9.9
2024-03-29 CVE-2024-29202 Code Injection vulnerability in Fit2Cloud Jumpserver
JumpServer is an open source bastion host and an operation and maintenance security audit system.
network
low complexity
fit2cloud CWE-94
critical
9.9