Vulnerabilities > Jellyfin > Jellyfin > 10.3.1

DATE CVE VULNERABILITY TITLE RISK
2023-12-13 CVE-2023-48702 Command Injection vulnerability in Jellyfin
Jellyfin is a system for managing and streaming media.
network
low complexity
jellyfin CWE-77
7.2
7.2
2023-12-06 CVE-2023-49096 Argument Injection or Modification vulnerability in Jellyfin
Jellyfin is a Free Software Media System for managing and streaming media.
network
low complexity
jellyfin CWE-88
8.8
8.8
2023-04-24 CVE-2023-30627 Cross-site Scripting vulnerability in Jellyfin
jellyfin-web is the web client for Jellyfin, a free-software media system.
network
low complexity
jellyfin CWE-79
5.4
5.4
2023-03-10 CVE-2023-27161 Server-Side Request Forgery (SSRF) vulnerability in Jellyfin
Jellyfin up to v10.7.7 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /Repositories.
network
low complexity
jellyfin CWE-918
7.5
7.5
2021-05-06 CVE-2021-29490 Server-Side Request Forgery (SSRF) vulnerability in Jellyfin
Jellyfin is a free software media system that provides media from a dedicated server to end-user devices via multiple apps.
network
low complexity
jellyfin CWE-918
5.0
5.0