Vulnerabilities > Glance Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-02-13	CVE-2022-25937	Path Traversal vulnerability in Glance Project Glance Versions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. network low complexity glance-project CWE-22	6.5
2022-07-11	CVE-2022-31546	Path Traversal vulnerability in Glance Project Glance 20140627 The nlpweb/glance repository through 2014-06-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. network low complexity glance-project CWE-22 critical	9.3
2018-07-03	CVE-2018-3748	Cross-site Scripting vulnerability in Glance Project Glance 3.0.5 There is a Stored XSS vulnerability in the glance node module versions <= 3.0.5. network low complexity glance-project CWE-79	6.1
2018-06-07	CVE-2018-3715	Path Traversal vulnerability in Glance Project Glance glance node module before 3.0.4 suffers from a Path Traversal vulnerability due to lack of validation of path passed to it, which allows a malicious user to read content of any file with known path. network low complexity glance-project CWE-22	6.5

Vulnerabilities > Glance Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Glance Project"}]}