Vulnerabilidades em cvat-ai
16 resultadosCVE-2022-31188HIGHServer-Side Request Forgery Vulnerability in Computer Vision Annotation Tool (CVAT)EPSS 47.8%CVE-2025-23045HIGHCVAT allows remote code execution via tracker Nuclio functionsEPSS 0.5%CVE-2024-37164HIGHCVAT SSRF via custom cloud storage endpointsEPSS 0.3%CVE-2025-64485MEDIUMCVAT: Mounted share file overwrite via crafted requestEPSS 0.3%CVE-2024-47064MEDIUMComputer Vision Annotation Tool (CVAT) contains a reflected XSS via request endpointsEPSS 0.3%CVE-2024-47063MEDIUMComputer Vision Annotation Tool (CVAT) contains a stored XSS via the quality report data endpointEPSS 0.3%CVE-2026-44369HIGHCVAT: Stored XSS via annotation guidesEPSS 0.3%CVE-2026-23526HIGHCVAT vulnerable to privilege escalation of users with staff statusEPSS 0.3%CVE-2025-49135MEDIUMCVAT missing validation for in-progress backup upload namesEPSS 0.3%CVE-2024-47172MEDIUMComputer Vision Annotation Tool (CVAT) access control is broken in several PATCH endpointsEPSS 0.3%CVE-2025-54573MEDIUMCVAT vulnerable to email verification bypass by use of basic authenticationEPSS 0.3%CVE-2025-48381MEDIUMCVAT has information disclosure via browsable APIEPSS 0.2%CVE-2024-45393MEDIUMComputer Vision Annotation Tool (CVAT) is missing authorization for endpoints related to webhook deliveriesEPSS 0.2%CVE-2025-68430MEDIUMCVAT vulnerable to directory traversal via mounted share listingEPSS 0.2%CVE-2024-37306HIGHCVAT's export and backup-related API endpoints are susceptible to CSRFEPSS 0.2%CVE-2026-23516HIGHCVAT vulnerable to XSS via skeleton SVG imagesEPSS 0.1%