Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CLA Assistant Security Vulnerabilities

cve
cve

CVE-2023-39438

A missing authorization check allows an arbitrary authenticated user to perform certain operations through the API of CLA-assistant by executing specific additional steps. This allows an arbitrary authenticated user to read CLA information including information of the persons who signed them as...

8.1CVSS

7.9AI Score

0.001EPSS

2023-08-15 05:15 PM
2359
cve
cve

CVE-2022-29617

Due to improper error handling an authenticated user can crash CLA assistant instance. This could impact the availability of the...

6.5CVSS

6.3AI Score

0.001EPSS

2022-06-06 08:15 PM
51
6
cve
cve

CVE-2021-21471

In CLA-Assistant, versions before 2.8.5, due to improper access control an authenticated user could access API endpoints which are not intended to be used by the user. This could impact the integrity of the...

6.5CVSS

6.3AI Score

0.001EPSS

2021-01-12 03:15 PM
21
3