JFrog Security Research
< Back
Software Vulnerabilities
Last Updated On 19 Nov, 2024
- JFSA-2024-001063927Wget shorthand URLs SSRFCVE-2024-10524mediumDiscovered ByGoni GolanPublished on 19 Nov, 2024
- JFSA-2024-001039605Mage AI pipeline interaction request remote arbitrary file leakCVE-2024-45190mediumDiscovered ByOri HollanderPublished on 23 Aug, 2024
- JFSA-2024-001039604Mage AI git content request remote arbitrary file leakCVE-2024-45189mediumDiscovered ByOri HollanderPublished on 23 Aug, 2024
- JFSA-2024-001039603Mage AI file content request remote arbitrary file leakCVE-2024-45188mediumDiscovered ByOri HollanderPublished on 23 Aug, 2024
- JFSA-2024-001039602Mage AI deleted users RCECVE-2024-45187highDiscovered ByOri HollanderPublished on 23 Aug, 2024
- JFSA-2024-001039574Mage AI Terminal Server InfoleakCVE-2024-8072mediumDiscovered ByOri HollanderPublished on 22 Aug, 2024
- JFSA-2024-001039248W&B Weave server remote arbitrary file leakCVE-2024-7340highDiscovered ByNatan Nehorai and Uriya YavnieliPublished on 31 Jul, 2024
- JFSA-2024-001035518H2O Model Deserialization RCECVE-2024-6960highDiscovered ByOri HollanderPublished on 21 Jul, 2024
- JFSA-2024-001035519Guardrails RAIL XXECVE-2024-6961mediumDiscovered ByNatan NehoraiPublished on 21 Jul, 2024
- JFSA-2024-001035320Deep Lake Kaggle dataset command injectionCVE-2024-6507highDiscovered ByNatan NehoraiPublished on 4 Jul, 2024