Known Vulnerabilities for Artifactory by Jfrog
Listed below are 10 of the newest known vulnerabilities associated with "Artifactory" by "Jfrog".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-42508 json | JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially crafted payload, which ca... | 6.5 - MEDIUM | 2023-10-03 | 2023-10-05 |
| CVE-2022-0668 json | JFrog Artifactory prior to 7.37.13 is vulnerable to Authentication Bypass, which can lead to Privilege Escalation when a spec... | 9.8 - CRITICAL | 2023-01-08 | 2023-01-12 |
| CVE-2022-0573 json | JFrog Artifactory before 7.36.1 and 6.23.41, is vulnerable to Insecure Deserialization of untrusted data which can lead to Do... | 8.8 - HIGH | 2022-05-16 | 2022-05-25 |
| CVE-2021-46687 json | JFrog Artifactory prior to version 7.31.10 and 6.23.38 is vulnerable to Sensitive Data Exposure through the Project Administr... | 4.9 - MEDIUM | 2022-07-06 | 2022-07-13 |
| CVE-2021-46270 json | JFrog Artifactory before 7.31.10, is vulnerable to Broken Access Control where a project admin user is able to list all avail... | 2.7 - LOW | 2022-03-02 | 2023-06-26 |
| CVE-2021-45730 json | JFrog Artifactory prior to 7.31.10, is vulnerable to Broken Access Control where a Project Admin is able to create, edit and ... | 4.9 - MEDIUM | 2022-05-19 | 2022-08-09 |
| CVE-2021-45721 json | JFrog Artifactory prior to version 7.29.8 and 6.23.38 is vulnerable to Reflected Cross-Site Scripting (XSS) through one of th... | 6.1 - MEDIUM | 2022-07-06 | 2022-07-13 |
| CVE-2021-45074 json | JFrog Artifactory before 7.29.3 and 6.23.38, is vulnerable to Broken Access Control, a low-privileged user is able to delete ... | 5.4 - MEDIUM | 2022-03-02 | 2022-08-09 |
| CVE-2021-41834 json | JFrog Artifactory prior to version 7.28.0 and 6.23.38, is vulnerable to Broken Access Control, the copy functionality can be ... | 6.5 - MEDIUM | 2022-05-23 | 2022-08-09 |
| CVE-2021-23163 json | JFrog Artifactory prior to version 7.33.6 and 6.23.38, is vulnerable to CSRF ( Cross-Site Request Forgery) for specific endpo... | 8.8 - HIGH | 2022-07-06 | 2022-07-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Jfrog | Artifactory | 6.9.6 | |||
| Application | Jfrog | Artifactory | 6.9.5 | |||
| Application | Jfrog | Artifactory | 6.9.4 | |||
| Application | Jfrog | Artifactory | 6.9.3 | |||
| Application | Jfrog | Artifactory | 6.9.2 | |||
| Application | Jfrog | Artifactory | 6.9.1 | |||
| Application | Jfrog | Artifactory | 6.9.0 | |||
| Application | Jfrog | Artifactory | 6.8.9 | |||
| Application | Jfrog | Artifactory | 6.8.7 | |||
| Application | Jfrog | Artifactory | 6.8.6 | |||
| Application | Jfrog | Artifactory | 6.8.4 | |||
| Application | Jfrog | Artifactory | 6.8.3 | |||
| Application | Jfrog | Artifactory | 6.8.2 | |||
| Application | Jfrog | Artifactory | 6.8.17 | |||
| Application | Jfrog | Artifactory | 6.8.16 | |||
| Application | Jfrog | Artifactory | 6.8.15 | |||
| Application | Jfrog | Artifactory | 6.8.14 | |||
| Application | Jfrog | Artifactory | 6.8.12 | |||
| Application | Jfrog | Artifactory | 6.8.1 | |||
| Application | Jfrog | Artifactory | 6.8.0 |