bytefury/crater Security Advisories for 3.0.0 (4)
-
[MEDIUM] Cross-site Scripting in Crater Invoice
PKSA-nj59-1hcd-8xsr CVE-2022-0372 GHSA-6vfw-74wr-3chh
Affected version: <6.0.0
Reported by:
GitHub -
[MEDIUM] Missing Authorization in Crater Invoice
PKSA-h7fk-ywms-z2wt CVE-2022-0203 GHSA-xh9g-cp3v-p8q4
Affected version: <6.0.2
Reported by:
GitHub -
[HIGH] crater is vulnerable to Unrestricted Upload of File with Dangerous Type
PKSA-nw9h-xd3p-pgct CVE-2021-4080 GHSA-wppj-3pjr-9w79
Affected version: <6.0.0
Reported by:
GitHub -
[HIGH] Unrestricted Upload of File with Dangerous Type in Crater
PKSA-8ftn-d2wy-3bq7 CVE-2022-0242 GHSA-728c-42pc-fwxg
Affected version: <6.0
Reported by:
GitHub