← Back

Yed

yed

Vendor: Yworks • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-25216
1Yworks
1Yed
Nov 21, 2024
Sep 17, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet.
CVE-2020-25215
1Yworks
1Yed
Nov 21, 2024
Sep 17, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document.