Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
glance project glance vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv3
CVE-2022-31546
The nlpweb/glance repository through 2014-06-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Glance Project Glance
8.8
CVSSv3
CVE-2021-42072
An issue exists in Barrier prior to 2.4.0. The barriers component (aka the server-side implementation of Barrier) does not sufficiently verify the identify of connecting clients. Clients can thus exploit weaknesses in the provided protocol to cause denial-of-service or stage furt...
Barrier Project Barrier
Fedoraproject Fedora 34
Fedoraproject Fedora 35
6.5
CVSSv3
CVE-2022-25937
Versions of the package glance prior to 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the public root directory. This is related to but distinct from the vulnerability reported in [CVE-2018-3715](https://security.snyk.io/vuln/npm:glance:20180...
Glance Project Glance
6.5
CVSSv3
CVE-2018-3715
glance node module prior to 3.0.4 suffers from a Path Traversal vulnerability due to lack of validation of path passed to it, which allows a malicious user to read content of any file with known path.
Glance Project Glance
6.1
CVSSv3
CVE-2018-3748
There is a Stored XSS vulnerability in the glance node module versions <= 3.0.5. File name, which contains malicious HTML (eg. embedded iframe element or javascript: pseudo-protocol handler in <a> element) allows to execute JavaScript code against any user who opens a di...
Glance Project Glance 3.0.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started