Perfsonar

perfsonar

Vendor: Perfsonar • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-45213 1Perfsonar 1Perfsonar Apr 10, 2025 Jan 1, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 perfSONAR before 4.4.6 inadvertently supports the parse option for a file:// URL.
CVE-2022-45027 1Perfsonar 1Perfsonar Apr 11, 2025 Jan 1, 2023 N/A· v4 5.3 MEDIUM· v3 N/A· v2 perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address.
CVE-2022-41413 1Perfsonar 1Perfsonar May 2, 2025 Nov 30, 2022 N/A· v4 4.3 MEDIUM· v3 N/A· v2 perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function.
CVE-2022-41412 1Perfsonar 1Perfsonar Apr 24, 2025 Nov 30, 2022 N/A· v4 8.6 HIGH· v3 N/A· v2 An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks.