Latest version: v0.17.1
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2022-2134 | 62590 |
Allocation of Resources Without Limits or Throttling in GitHub reposi… |
|
MEDIUM | 6.5 |
| PVE-2023-55192 | 55192 |
Inventree 0.7.3 and 0.8.0 include a security fix: InvenTree uses Easy… |
|
- | - |
| CVE-2022-2113 | 62507 |
Cross-site Scripting (XSS) - Stored in GitHub repository inventree/in… |
|
MEDIUM | 5.4 |
| CVE-2022-3355 | 54493 |
Inventree prior to 0.8.3 is vulnerable to stored cross-site scripting… |
|
MEDIUM | 5.4 |
| PVE-2023-55205 | 55205 |
Inventree 0.7.2 includes a security fix: Affected versions can have m… |
|
- | - |
| CVE-2022-2111 | 54084 |
Inventree 0.7.2 includes a fix for CVE-2022-2111: Unrestricted Upload… |
|
HIGH | 8.8 |
| CVE-2022-2112 | 54072 |
Improper Neutralization of Formula Elements in a CSV File in GitHub r… |
|
HIGH | 8.8 |