Diagrams

diagrams

26 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Drawio

drawio

26 CVEs

CVEs (26)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-3975 1Diagrams 1Drawio Nov 21, 2024 Jul 27, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 OS Command Injection in GitHub repository jgraph/drawio prior to 21.5.0.
CVE-2023-3974 1Diagrams 1Drawio Nov 21, 2024 Jul 27, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 OS Command Injection in GitHub repository jgraph/drawio prior to 21.4.0.
CVE-2023-3973 1Diagrams 1Drawio Nov 21, 2024 Jul 27, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Reflected in GitHub repository jgraph/drawio prior to 21.6.3.
CVE-2023-3398 1Diagrams 1Drawio Nov 21, 2024 Jun 26, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 Denial of Service in GitHub repository jgraph/drawio prior to 18.1.3.
CVE-2023-3026 1Diagrams 1Drawio Jan 10, 2025 Jun 1, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 21.2.8.
CVE-2022-3873 1Diagrams 1Drawio Nov 21, 2024 Nov 7, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - DOM in GitHub repository jgraph/drawio prior to 20.5.2.
CVE-2022-3223 1Diagrams 1Drawio Nov 21, 2024 Sep 16, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.3.1.
CVE-2022-3133 1Diagrams 1Drawio Nov 21, 2024 Sep 9, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 OS Command Injection in GitHub repository jgraph/drawio prior to 20.3.0.
CVE-2022-3148 1Diagrams 1Drawio Nov 21, 2024 Sep 8, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawio prior to 20.3.0.
CVE-2022-3138 1Diagrams 1Drawio Nov 21, 2024 Sep 8, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawio prior to 20.3.0.
CVE-2022-3127 1Diagrams 1Drawio Nov 21, 2024 Sep 5, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 20.2.8.
CVE-2022-3065 1Diagrams 1Drawio Nov 21, 2024 Sep 2, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Improper Access Control in GitHub repository jgraph/drawio prior to 20.2.8.
CVE-2022-2015 1Diagrams 1Drawio Nov 21, 2024 Jun 9, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 19.0.2.
CVE-2022-2014 1Diagrams 1Drawio Nov 21, 2024 Jun 9, 2022 N/A· v4 5.4 MEDIUM· v3 3.5 LOW· v2 Code Injection in GitHub repository jgraph/drawio prior to 19.0.2.
CVE-2022-1815 1Diagrams 1Drawio Nov 21, 2024 May 25, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.1.2.
CVE-2022-1784 1Diagrams 1Drawio Nov 21, 2024 May 20, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8.
CVE-2022-1730 1Diagrams 1Drawio Nov 21, 2024 May 19, 2022 N/A· v4 4.6 MEDIUM· v3 3.5 LOW· v2 Cross-site Scripting (XSS) - Stored in GitHub repository jgraph/drawio prior to 18.0.4.
CVE-2022-1774 1Diagrams 1Drawio Nov 21, 2024 May 18, 2022 N/A· v4 6.1 MEDIUM· v3 5.8 MEDIUM· v2 Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7.
CVE-2022-1767 1Diagrams 1Drawio Nov 21, 2024 May 18, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.7.
CVE-2022-1727 1Diagrams 1Drawio Nov 21, 2024 May 18, 2022 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Improper Input Validation in GitHub repository jgraph/drawio prior to 18.0.6.

12 Next