Vulnerabilities > Mendix
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-09 | CVE-2021-42015 | Information Exposure Through Browser Caching vulnerability in Mendix A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.26), Mendix Applications using Mendix 8 (All versions < V8.18.12), Mendix Applications using Mendix 9 (All versions < V9.6.1). | 5.5 |
2021-11-09 | CVE-2021-42025 | Incorrect Authorization vulnerability in Mendix A vulnerability has been identified in Mendix Applications using Mendix 8 (All versions < V8.18.13), Mendix Applications using Mendix 9 (All versions < V9.6.2). | 6.5 |
2021-11-09 | CVE-2021-42026 | Incorrect Authorization vulnerability in Mendix A vulnerability has been identified in Mendix Applications using Mendix 8 (All versions < V8.18.13), Mendix Applications using Mendix 9 (All versions < V9.6.2). | 4.3 |
2021-06-08 | CVE-2021-33712 | Insufficient Verification of Data Authenticity vulnerability in Mendix Saml A vulnerability has been identified in Mendix SAML Module (All versions < V2.1.2). | 8.8 |
2021-05-12 | CVE-2021-31339 | Information Exposure Through an Error Message vulnerability in Mendix Excel Importer A vulnerability has been identified in Mendix Excel Importer Module (All versions < V9.0.3). | 4.3 |
2021-05-12 | CVE-2021-31341 | Information Exposure Through an Error Message vulnerability in Mendix Database Replication Uploading a table mapping using a manipulated XML file results in an exception that could expose information about the application-server and the used XML-framework on the Mendix Database Replication Module (All versions prior to v7.0.1). | 4.3 |
2021-04-16 | CVE-2021-27394 | Improper Privilege Management vulnerability in Mendix A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.19), Mendix Applications using Mendix 8 (All versions < V8.17.0), Mendix Applications using Mendix 8 (V8.12) (All versions < V8.12.5), Mendix Applications using Mendix 8 (V8.6) (All versions < V8.6.9), Mendix Applications using Mendix 9 (All versions < V9.0.5). | 8.8 |
2021-03-15 | CVE-2021-25672 | Unspecified vulnerability in Mendix Forgot Password A vulnerability has been identified in Mendix Forgot Password Appstore module (All Versions < V3.2.1). | 8.8 |
2021-01-06 | CVE-2020-8160 | Cross-site Scripting vulnerability in Mendix Mendixsso 2.0.0/2.1.0/2.1.1 MendixSSO <= 2.1.1 contains endpoints that make use of the openid handler, which is suffering from a Cross-Site Scripting vulnerability via the URL path. | 6.1 |
2019-09-10 | CVE-2019-12996 | Server-Side Request Forgery (SSRF) vulnerability in Mendix In Mendix 7.23.5 and earlier, issue in XML import mappings allow DOCTYPE declarations in the XML input that is potentially unsafe. | 5.3 |