Patrowl Security Vulnerabilities

CVE-2021-43829

PatrOwl is a free and open-source solution for orchestrating Security Operations. In versions prior to 1.7.7, PatrowlManager handles uploaded files without restriction in the findings import feature. This vulnerability allows a dangerous type of file to be uploaded to the server, leading to XSS attacks and...

8.8 CVSS

8.6 AI Score

0.008 EPSS

2021-12-14 08:15 PM

CVE-2021-43828

PatrOwl is a free and open-source solution for orchestrating Security Operations. In versions prior to 1.77, an improper privilege management (IDOR) issue has been found in PatrowlManager. All imported findings files are placed under /media/imports// In that, owner_id is predictable and tmp_file is in...

7.5 CVSS

7.5 AI Score

0.001 EPSS

2021-12-14 08:15 PM