Latest version: v1.2.7
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2022-25858 | 60717 |
Catboost 1.2.1 updates its NPM dependency 'tenser' to version '5.19.2… |
|
HIGH | 7.5 |
| CVE-2022-25883 | 60757 |
Catboost 1.2.1 updates its NPM dependency 'semver' to version '5.7.2'… |
|
HIGH | 7.5 |
| CVE-2023-34454 | 60766 |
Catboost 1.2.1 updates its dependency 'snappy-java' to version '1.1.1… |
|
HIGH | 7.5 |
| CVE-2021-23368 | 60760 |
Catboost 1.2.1 updates its dependency 'postcss' to version '8.4.27' t… |
|
MEDIUM | 5.3 |
| CVE-2021-23382 | 60759 |
Catboost 1.2.1 updates its NPM dependency 'postcss' to version '8.4.2… |
|
HIGH | 7.5 |
| CVE-2021-32803 | 60749 |
Catboost 1.2.1 updates its NPM dependency 'tar' to version '6.1.15' t… |
|
HIGH | 8.1 |
| CVE-2021-23364 | 60756 |
Catboost 1.2.1 updates its NPM dependency 'browserslist' to version '… |
|
MEDIUM | 5.3 |
| CVE-2020-15250 | 60765 |
Catboost 1.2.1 updates its dependency 'junit:junit' to version '4.13.… |
|
MEDIUM | 5.5 |
| CVE-2021-37701 | 60746 |
Catboost 1.2.1 updates its NPM dependency 'tar' to version '6.1.15' t… |
|
HIGH | 8.6 |
| CVE-2020-8908 | 60772 |
Catboost 1.2.1 updates its dependency 'guava' to version '32.0.0-jre'… |
|
LOW | 3.3 |
| CVE-2021-33502 | 60764 |
Catboost 1.2.1 updates its dependency 'normalize-url' to version '4.5… |
|
HIGH | 7.5 |
| CVE-2021-32804 | 60750 |
Catboost 1.2.1 updates its NPM dependency 'tar' to version '6.1.15' t… |
|
HIGH | 8.1 |
| CVE-2021-23343 | 60758 |
Catboost 1.2.1 updates its NPM dependency 'path-parse' to version '1.… |
|
HIGH | 7.5 |
| CVE-2021-3807 | 60763 |
Catboost 1.2.1 updates its dependency 'ansi-regex' to version '5.0.1'… |
|
HIGH | 7.5 |
| CVE-2021-37712 | 60747 |
Catboost 1.2.1 updates its NPM dependency 'tar' to version '6.1.15' t… |
|
HIGH | 8.6 |
| CVE-2021-37713 | 60748 |
Catboost 1.2.1 updates its NPM dependency 'tar' to version '6.1.15' t… |
|
HIGH | 8.6 |
| CVE-2021-23566 | 60761 |
Catboost 1.2.1 updates its dependency 'nanoid' to version '3.3.6' to … |
|
MEDIUM | 5.5 |
| CVE-2021-44906 | 60755 |
Catboost 1.2.1 updates its NPM dependency 'minimist' to version '1.2.… |
|
CRITICAL | 9.8 |
| CVE-2022-37601 | 60754 |
Catboost 1.2.1 updates its NPM dependency 'loader-utils' to version '… |
|
CRITICAL | 9.8 |
| CVE-2022-46175 | 60762 |
Catboost 1.2.1 updates its dependency 'json5' to version '3.3.6' to i… |
|
HIGH | 8.8 |
| CVE-2022-25881 | 60745 |
Catboost 1.2.1 updates its NPM dependency 'http-cache-semantics' to v… |
|
HIGH | 7.5 |
| CVE-2023-28154 | 60751 |
Catboost 1.2.1 updates its NPM dependency 'webpack' to version '5.76.… |
|
CRITICAL | 9.8 |
| CVE-2023-34453 | 60768 |
Catboost 1.2.1 updates its dependency 'snappy-java' to version '1.1.1… |
|
HIGH | 7.5 |
| CVE-2023-34455 | 60767 |
Catboost 1.2.1 updates its dependency 'snappy-java' to version '1.1.1… |
|
HIGH | 7.5 |
| CVE-2022-37599 | 60752 |
Catboost 1.2.1 updates its NPM dependency 'loader-utils' to version '… |
|
HIGH | 7.5 |
| CVE-2022-42004 | 60770 |
Catboost 1.2.1 updates its dependency 'jackson-databind' to version '… |
|
HIGH | 7.5 |
| CVE-2022-42003 | 60769 |
Catboost 1.2.1 updates its dependency 'jackson-databind' to version '… |
|
HIGH | 7.5 |
| CVE-2022-3517 | 60744 |
Catboost 1.2.1 updates its NPM dependency 'minimatch' to version '3.1… |
|
HIGH | 7.5 |
| CVE-2020-36518 | 60771 |
Catboost 1.2.1 updates its dependency 'jackson-databind' to version '… |
|
HIGH | 7.5 |
| CVE-2022-37603 | 60753 |
Catboost 1.2.1 updates its NPM dependency 'loader-utils' to version '… |
|
HIGH | 7.5 |
| CVE-2017-15288 | 41743 |
Catboost 0.26 updates version of 'scala' to v2.11.12 for security rea… |
|
HIGH | 7.8 |