Skip to main content

Contributor License Agreement Assistant

2 CVEs product

Monthly

CVE-2023-39438 HIGH This Week

A missing authorization check allows an arbitrary authenticated user to perform certain operations through the API of CLA-assistant by executing specific additional steps. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Contributor License Agreement Assistant
NVD GitHub
CVSS 3.1
8.1
EPSS
0.4%
CVE-2022-29617 MEDIUM This Month

Due to improper error handling an authenticated user can crash CLA assistant instance. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Contributor License Agreement Assistant
NVD GitHub
CVSS 3.1
6.5
EPSS
0.8%
EPSS 0% CVSS 8.1
HIGH This Week

A missing authorization check allows an arbitrary authenticated user to perform certain operations through the API of CLA-assistant by executing specific additional steps. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Contributor License Agreement Assistant
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM This Month

Due to improper error handling an authenticated user can crash CLA assistant instance. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Contributor License Agreement Assistant
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy