Vulnerabilidades em DependencyTrack
6 resultadosCVE-2022-39350MEDIUM@dependencytrack/frontend vulnerable to Persistent Cross-Site-Scripting via Vulnerability DetailsEPSS 0.7%CVE-2024-54002MEDIUMDependency-Track allows enumeration of managed users via /api/v1/user/login endpointEPSS 0.3%CVE-2025-61776MEDIUMDependency-Track possibly discloses private NuGet repository credentials to api.nuget.orgEPSS 0.3%CVE-2022-39351MEDIUMDependency-Track vulnerable to logging of API keys in clear text when handling API requests using keys with insufficient permissionsEPSS 0.2%CVE-2025-64758MEDIUM@dependencytrack/frontend Vulnerable to Persistent Cross-Site-Scripting via Welcome MessageEPSS 0.2%CVE-2025-27137MEDIUMDependency-Track vulnerable to local file inclusion via custom notification templatesEPSS 0.2%