Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Duraspace Subscribe
Filtered by product Vitro
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-6986 1 Duraspace 1 Vitro 2020-08-24 5.0 MEDIUM 7.5 HIGH
SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service (ReDoS), as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request.