← Back

Liftoffsoftware

liftoffsoftware

3 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Gateone
gateone
2 CVEs
Gate One
gate_one
1 CVE

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-19003
1Liftoffsoftware
1Gate One
Nov 21, 2024
Oct 6, 2021
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
An issue in Gate One 1.2.0 allows attackers to bypass to the verification check done by the origins list and connect to Gate One instances used by hosts not on the origins list.
CVE-2020-35736
1Liftoffsoftware
1Gateone
Nov 21, 2024
Dec 27, 2020
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused.
CVE-2020-20184
1Liftoffsoftware
1Gateone
Nov 21, 2024
Dec 14, 2020
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
GateOne allows remote attackers to execute arbitrary commands via shell metacharacters in the port field when attempting an SSH connection.