← Back

Otter

otter

Vendor: Inedo • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-17086
1Inedo
1Otter
May 13, 2026
Dec 1, 2017
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Indeo Otter through 1.7.4 mishandles a "</script>" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as demonstrated by the...Show more
Indeo Otter through 1.7.4 mishandles a "</script>" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as demonstrated by the Plan Editor.Show less
CVE-2017-15607
1Inedo
1Otter
May 13, 2026
Dec 1, 2017
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
Inedo Otter before 1.7.4 has directory traversal in filesystem-based rafts via vectors involving '/' characters or initial '.' characters, aka OT-181.