Vulnerabilities > SAP > Contributor License Agreement Assistant
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-15 | CVE-2023-39438 | Missing Authorization vulnerability in SAP Contributor License Agreement Assistant A missing authorization check allows an arbitrary authenticated user to perform certain operations through the API of CLA-assistant by executing specific additional steps. | 8.1 |
| 2022-06-06 | CVE-2022-29617 | Improper Handling of Exceptional Conditions vulnerability in SAP Contributor License Agreement Assistant Due to improper error handling an authenticated user can crash CLA assistant instance. | 6.5 |