Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo

SDLC

Artifactory

As the worlds first universal repository JFrog Artifactory is the mission-critical heart of the JFrog Platform functioning as the single source of truth for all packages container images and Helm charts as they move across the entire DevOps pipeline.

Official Site:

https://jfrog.com/artifactory/

Severity Summary:

Critical: 6 High: 10 Medium: 14 Low: 1
Reference
Title
Severity
CVE-2019-17444
Artifactory Weak Password Requirements Vulnerability
Critical
CVE-2022-0668
Artifactory Improper Privilege Management Vulnerability
Critical
CVE-2016-6501
Artifactory Improper Input Validation Vulnerability
Critical
CVE-2018-19971
Artifactory Insufficient Verification of Data Authenticity Vulnerability
Critical
CVE-2019-9733
Artifactory Vulnerability
Critical
CVE-2016-10036
Artifactory Unrestricted Upload of File with Dangerous Type Vulnerability
Critical
CVE-2018-1000623
Artifactory Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2023-42661
Artifactory Vulnerability
High
CVE-2023-42509
Artifactory Improper Handling of Exceptional Conditions Vulnerability
High
CVE-2021-23163
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2022-0573
Artifactory Deserialization of Untrusted Data Vulnerability
High
CVE-2020-2165
Artifactory Insufficiently Protected Credentials Vulnerability
High
CVE-2018-1000206
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2018-1000424
Artifactory Insufficiently Protected Credentials Vulnerability
High
CVE-2019-19937
Artifactory Improper Input Validation Vulnerability
High
CVE-2020-7931
Artifactory Vulnerability
High
CVE-2023-42662
Artifactory Improper Authentication Vulnerability
Medium
CVE-2024-2247
Artifactory Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-42508
Artifactory Vulnerability
Medium
CVE-2019-10324
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2021-45721
Artifactory Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-46687
Artifactory Exposure of Resource to Wrong Sphere Vulnerability
Medium
CVE-2019-10323
Artifactory Missing Authorization Vulnerability
Medium
CVE-2021-41834
Artifactory Incorrect Permission Assignment for Critical Resource Vulnerability
Medium
CVE-2019-10322
Artifactory Missing Authorization Vulnerability
Medium
CVE-2021-45730
Artifactory Incorrect Authorization Vulnerability
Medium
CVE-2021-45074
Artifactory Incorrect Authorization Vulnerability
Medium
CVE-2020-2164
Artifactory Insufficiently Protected Credentials Vulnerability
Medium
CVE-2019-10321
Artifactory Cross-Site Request Forgery (CSRF) Vulnerability
Medium
CVE-2024-3505
Artifactory Vulnerability
Medium