Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Obsidian Subscribe
Filtered by product Obsidian
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-36450 1 Obsidian 1 Obsidian 2022-10-25 N/A 9.8 CRITICAL
Obsidian 0.14.x and 0.15.x before 0.15.5 allows obsidian://hook-get-address remote code execution because window.open is used without checking the URL.
CVE-2021-38148 1 Obsidian 1 Obsidian 2022-02-10 7.5 HIGH 9.8 CRITICAL
Obsidian before 0.12.12 does not require user confirmation for non-http/https URLs.