Vulnerabilities > Jfrog > Artifactory > 6.23.41

DATE CVE VULNERABILITY TITLE RISK
2024-04-15 CVE-2024-3505 Unspecified vulnerability in Jfrog Artifactory
JFrog Artifactory Self-Hosted versions below 7.77.3, are vulnerable to sensitive information disclosure whereby a low-privileged authenticated user can read the proxy configuration. This does not affect JFrog cloud deployments.
network
low complexity
jfrog
4.3
2024-03-13 CVE-2024-2247 Unspecified vulnerability in Jfrog Artifactory
JFrog Artifactory versions below 7.77.7, 7.82.1, are vulnerable to DOM-based cross-site scripting due to improper handling of the import override mechanism.
network
low complexity
jfrog
6.1
2024-03-07 CVE-2023-42661 Unspecified vulnerability in Jfrog Artifactory
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user.
network
low complexity
jfrog
8.8