Known Vulnerabilities for products from Metersphere
Listed below are 16 of the newest known vulnerabilities associated with the vendor "Metersphere".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-50267 json | 4.3 - MEDIUM | 2023-12-28 | 2024-01-04 | |
| CVE-2023-41878 json | MeterSphere is a one-stop open source continuous testing platform, covering functions such as test tracking, interface testin... | 9.8 - CRITICAL | 2023-09-27 | 2023-09-30 |
| CVE-2023-38494 json | MeterSphere is an open-source continuous testing platform. Prior to version 2.10.4 LTS, some interfaces of the Cloud version ... | 7.5 - HIGH | 2023-08-04 | 2023-08-08 |
| CVE-2023-37461 json | Metersphere is an opensource testing framework. Files uploaded to Metersphere may define a `belongType` value with a relative... | 9.8 - CRITICAL | 2023-07-17 | 2023-07-27 |
| CVE-2023-35937 json | Metersphere is an open source continuous testing platform. In versions prior to 2.10.2 LTS, some key APIs in Metersphere lack... | 8.8 - HIGH | 2023-07-06 | 2023-07-12 |
| CVE-2023-32699 json | MeterSphere is an open source continuous testing platform. Version 2.9.1 and prior are vulnerable to denial of service. Th... | 6.5 - MEDIUM | 2023-05-30 | 2023-11-07 |
| CVE-2023-30550 json | MeterSphere is an open source continuous testing platform, covering functions such as test tracking, interface testing, UI te... | 4.5 - MEDIUM | 2023-05-04 | 2023-05-10 |
| CVE-2023-29944 json | Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed... | 9.8 - CRITICAL | 2023-05-08 | 2023-05-11 |
| CVE-2023-25814 json | metersphere is an open source continuous testing platform. In versions prior to 2.7.1 a user who has permission to create a r... | 6.5 - MEDIUM | 2023-03-09 | 2023-03-15 |
| CVE-2023-25573 json | metersphere is an open source continuous testing platform. In affected versions an improper access control vulnerability exis... | 7.5 - HIGH | 2023-03-09 | 2023-03-15 |
| CVE-2022-46178 json | MeterSphere is a one-stop open source continuous testing platform, covering test management, interface testing, UI testing an... | 8.8 - HIGH | 2022-12-29 | 2023-01-05 |
| CVE-2022-23544 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2022-12-28 | 2023-01-05 |
| CVE-2022-23512 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.1 - HIGH | 2022-12-14 | 2022-12-16 |
| CVE-2021-45790 json | An arbitrary file upload vulnerability was found in Metersphere v1.15.4. Unauthenticated users can upload any file to arbitra... | 9.8 - CRITICAL | 2022-09-29 | 2022-09-30 |
| CVE-2021-45789 json | An arbitrary file read vulnerability was found in Metersphere v1.15.4, where authenticated users can read any file on the ser... | 6.5 - MEDIUM | 2022-09-29 | 2022-09-30 |
| CVE-2021-45788 json | Time-based SQL Injection vulnerabilities were found in Metersphere v1.15.4 via the "orders" parameter. | 8.8 - HIGH | 2022-09-29 | 2022-09-30 |