Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
artifactory vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2022-0573
JFrog Artifactory prior to 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted data which can lead to DoS, Privilege Escalation and Remote Code Execution when a specially crafted request is sent by a low privileged authenticated user due to insufficient val...
Jfrog Artifactory 7.35.0
Jfrog Artifactory
Jfrog Artifactory 7.36.0
187
VMScore
CVE-2018-1000424
An insufficiently protected credentials vulnerability exists in Jenkins Artifactory Plugin 2.16.1 and previous versions in ArtifactoryBuilder.java, CredentialsConfig.java that allows attackers with local file system access to obtain old credentials configured for the plugin befor...
Jfrog Artifactory
668
VMScore
CVE-2016-6501
JFrog Artifactory prior to 4.11 allows remote malicious users to execute arbitrary code via an LDAP attribute with a crafted serialized Java object, aka LDAP entry poisoning.
Jfrog Artifactory
578
VMScore
CVE-2018-1000623
JFrog JFrog Artifactory version Prior to version 6.0.3, since version 4.0.0 contains a Directory Traversal vulnerability in The "Import Repository from Zip" feature, available through the Admin menu -> Import & Export -> Repositories, triggers a vulnerable UI ...
Jfrog Artifactory
755
VMScore
CVE-2016-10036
Unrestricted file upload vulnerability in ui/artifact/upload in JFrog Artifactory prior to 4.16 allows remote malicious users to (1) deploy an arbitrary servlet application and execute arbitrary code by uploading a war file or (2) possibly write to arbitrary files and cause a den...
Jfrog Artifactory
1 EDB exploit
356
VMScore
CVE-2021-45730
JFrog Artifactory before 7.31.10, is vulnerable to Broken Access Control where a Project Admin is able to create, edit and delete Repository Layouts while Repository Layouts configuration should only be available for Platform Administrators.
Jfrog Artifactory
383
VMScore
CVE-2019-10324
A cross-site request forgery vulnerability in Jenkins Artifactory Plugin 3.2.2 and previous versions in ReleaseAction#doSubmit, GradleReleaseApiAction#doStaging, MavenReleaseApiAction#doStaging, and UnifiedPromoteBuildAction#doSubmit allowed malicious users to schedule a release ...
Jfrog Artifactory
NA
CVE-2023-42508
JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially crafted payload, which can lead to unauthenticated users being able to send emails with manipulated email body.
Jfrog Artifactory
445
VMScore
CVE-2020-2165
Jenkins Artifactory Plugin 3.6.0 and previous versions transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.
Jfrog Artifactory
578
VMScore
CVE-2020-7931
In JFrog Artifactory 5.x and 6.x, insecure FreeMarker template processing leads to remote code execution, e.g., by modifying a .ssh/authorized_keys file. Patches are available for various versions between 5.11.8 and 6.16.0. The issue exists because use of the DefaultObjectWrapper...
Jfrog Artifactory
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »