Vulnerabilities > Jfrog > Artifactory > 6.23.41
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-04-15 | CVE-2024-3505 | Unspecified vulnerability in Jfrog Artifactory JFrog Artifactory Self-Hosted versions below 7.77.3, are vulnerable to sensitive information disclosure whereby a low-privileged authenticated user can read the proxy configuration. This does not affect JFrog cloud deployments. | 4.3 |
2024-03-13 | CVE-2024-2247 | Unspecified vulnerability in Jfrog Artifactory JFrog Artifactory versions below 7.77.7, 7.82.1, are vulnerable to DOM-based cross-site scripting due to improper handling of the import override mechanism. | 6.1 |
2024-03-07 | CVE-2023-42661 | Unspecified vulnerability in Jfrog Artifactory JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. | 8.8 |