Vulnerabilities (CVE)

Filtered by vendor Xgenecloud Subscribe

Filtered by product Nocodb

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-3423	1 Xgenecloud	1 Nocodb	2023-08-02	N/A	6.5 MEDIUM
Allocation of Resources Without Limits or Throttling in GitHub repository nocodb/nocodb prior to 0.92.0.
CVE-2022-2079	1 Xgenecloud	1 Nocodb	2022-06-22	3.5 LOW	5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository nocodb/nocodb prior to 0.91.7+.
CVE-2022-2022	1 Xgenecloud	1 Nocodb	2022-06-16	3.5 LOW	5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository nocodb/nocodb prior to 0.91.7.
CVE-2022-22120	1 Xgenecloud	1 Nocodb	2022-01-19	5.0 MEDIUM	5.3 MEDIUM
In NocoDB, versions 0.9 to 0.83.8 are vulnerable to Observable Discrepancy in the password-reset feature. When requesting a password reset for a given email address, the application displays an error message when the email isn't registered within the system. This allows attackers to enumerate the registered users' email addresses.