Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
15 vulnerabilities by inventree
CVE-2026-39362 (GCVE-0-2026-39362)
Vulnerability from cvelistv5 – Published: 2026-04-08 19:32 – Updated: 2026-04-10 20:44
VLAI?
Title
InvenTree has SSRF via Remote Image Download — No IP/Hostname Validation on remote_image URLs
Summary
InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, when INVENTREE_DOWNLOAD_FROM_URL is enabled (opt-in), authenticated users can supply remote_image URLs that are fetched server-side via requests.get() with only Django's URLValidator check. There is no validation against private IP ranges or internal hostnames. Redirects are followed (allow_redirects=True), enabling bypass of any URL-format checks. This vulnerability is fixed in 1.2.7 and 1.3.0.
Severity ?
CWE
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-39362",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-10T20:43:57.761676Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-10T20:44:13.278Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "InvenTree",
"vendor": "inventree",
"versions": [
{
"status": "affected",
"version": "\u003c 1.2.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, when INVENTREE_DOWNLOAD_FROM_URL is enabled (opt-in), authenticated users can supply remote_image URLs that are fetched server-side via requests.get() with only Django\u0027s URLValidator check. There is no validation against private IP ranges or internal hostnames. Redirects are followed (allow_redirects=True), enabling bypass of any URL-format checks. This vulnerability is fixed in 1.2.7 and 1.3.0."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918: Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T19:32:46.744Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/inventree/InvenTree/security/advisories/GHSA-m9j7-jw3m-fr22",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/inventree/InvenTree/security/advisories/GHSA-m9j7-jw3m-fr22"
}
],
"source": {
"advisory": "GHSA-m9j7-jw3m-fr22",
"discovery": "UNKNOWN"
},
"title": "InvenTree has SSRF via Remote Image Download \u2014 No IP/Hostname Validation on remote_image URLs"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-39362",
"datePublished": "2026-04-08T19:32:46.744Z",
"dateReserved": "2026-04-06T21:29:17.349Z",
"dateUpdated": "2026-04-10T20:44:13.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35479 (GCVE-0-2026-35479)
Vulnerability from cvelistv5 – Published: 2026-04-08 19:27 – Updated: 2026-04-09 14:16
VLAI?
Title
InvenTree Plugin Installation - Insufficient Permissions
Summary
InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, any users who have staff access permissions can install plugins via the API, without requiring "superuser" account access. This level of permission requirement is out of alignment with other plugin actions (such as uninstalling) which do require superuser access. The vulnerability allows staff users (who may be considered to have a lower level of trust than a superuser account) to install arbitrary (and potentially harmful) plugins. This vulnerability is fixed in 1.2.7 and 1.3.0.
Severity ?
6.6 (Medium)
CWE
- CWE-285 - Improper Authorization
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35479",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-09T14:16:28.170445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T14:16:36.423Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "InvenTree",
"vendor": "inventree",
"versions": [
{
"status": "affected",
"version": "\u003c 1.2.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, any users who have staff access permissions can install plugins via the API, without requiring \"superuser\" account access. This level of permission requirement is out of alignment with other plugin actions (such as uninstalling) which do require superuser access. The vulnerability allows staff users (who may be considered to have a lower level of trust than a superuser account) to install arbitrary (and potentially harmful) plugins. This vulnerability is fixed in 1.2.7 and 1.3.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T19:27:57.320Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/inventree/InvenTree/security/advisories/GHSA-7c3q-vwcv-2vp7",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/inventree/InvenTree/security/advisories/GHSA-7c3q-vwcv-2vp7"
},
{
"name": "https://docs.inventree.org/en/stable/concepts/threat_model/#assumed-trust",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.inventree.org/en/stable/concepts/threat_model/#assumed-trust"
},
{
"name": "https://docs.inventree.org/en/stable/start/config/#plugin-options",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.inventree.org/en/stable/start/config/#plugin-options"
}
],
"source": {
"advisory": "GHSA-7c3q-vwcv-2vp7",
"discovery": "UNKNOWN"
},
"title": "InvenTree Plugin Installation - Insufficient Permissions"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-35479",
"datePublished": "2026-04-08T19:27:57.320Z",
"dateReserved": "2026-04-02T20:49:44.453Z",
"dateUpdated": "2026-04-09T14:16:36.423Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35476 (GCVE-0-2026-35476)
Vulnerability from cvelistv5 – Published: 2026-04-08 19:26 – Updated: 2026-04-08 19:53
VLAI?
Title
InvenTree Affected by Privilege Escalation via API
Summary
InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, a non-staff authenticated user can elevate their account to a staff level via a POST request against their user account endpoint. The write permissions on the API endpoint are improperly configured, allowing any user to change their staff status. This vulnerability is fixed in 1.2.7 and 1.3.0.
Severity ?
7.2 (High)
CWE
- CWE-285 - Improper Authorization
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35476",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-08T19:53:23.187630Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T19:53:28.982Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "InvenTree",
"vendor": "inventree",
"versions": [
{
"status": "affected",
"version": "\u003c 1.2.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "InvenTree is an Open Source Inventory Management System. Prior to 1.2.7 and 1.3.0, a non-staff authenticated user can elevate their account to a staff level via a POST request against their user account endpoint. The write permissions on the API endpoint are improperly configured, allowing any user to change their staff status. This vulnerability is fixed in 1.2.7 and 1.3.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285: Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T19:26:12.692Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/inventree/InvenTree/security/advisories/GHSA-r8q5-3595-3jh2",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/inventree/InvenTree/security/advisories/GHSA-r8q5-3595-3jh2"
},
{
"name": "https://docs.inventree.org/en/stable/concepts/threat_model/#assumed-trust",
"tags": [
"x_refsource_MISC"
],
"url": "https://docs.inventree.org/en/stable/concepts/threat_model/#assumed-trust"
}
],
"source": {
"advisory": "GHSA-r8q5-3595-3jh2",
"discovery": "UNKNOWN"
},
"title": "InvenTree Affected by Privilege Escalation via API"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-35476",
"datePublished": "2026-04-08T19:26:12.692Z",
"dateReserved": "2026-04-02T20:49:44.453Z",
"dateUpdated": "2026-04-08T19:53:28.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35478 (GCVE-0-2026-35478)
Vulnerability from cvelistv5 – Published: 2026-04-08 19:24 – Updated: 2026-04-08 20:12
VLAI?
Title
InvenTree has Arbitrary API Token Creation
Summary
InvenTree is an Open Source Inventory Management System. From 0.16.0 to before 1.2.7, any authenticated InvenTree user can create a valid API token attributed to any other user in the system — including administrators and superusers — by supplying the target's user ID in the user field of a POST /api/user/tokens/ request. The returned token is immediately usable for full API authentication as the target user, from any network location, with no further interaction required. This vulnerability is fixed in 1.2.7 and 1.3.0.
Severity ?
8.3 (High)
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35478",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-08T20:11:59.356333Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T20:12:15.181Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "InvenTree",
"vendor": "inventree",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.16.0, \u003c 1.2.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "InvenTree is an Open Source Inventory Management System. From 0.16.0 to before 1.2.7, any authenticated InvenTree user can create a valid API token attributed to any other user in the system \u2014 including administrators and superusers \u2014 by supplying the target\u0027s user ID in the user field of a POST /api/user/tokens/ request. The returned token is immediately usable for full API authentication as the target user, from any network location, with no further interaction required. This vulnerability is fixed in 1.2.7 and 1.3.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639: Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T19:24:05.044Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/inventree/InvenTree/security/advisories/GHSA-qh5j-c28q-c4rg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/inventree/InvenTree/security/advisories/GHSA-qh5j-c28q-c4rg"
}
],
"source": {
"advisory": "GHSA-qh5j-c28q-c4rg",
"discovery": "UNKNOWN"
},
"title": "InvenTree has Arbitrary API Token Creation"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-35478",
"datePublished": "2026-04-08T19:24:05.044Z",
"dateReserved": "2026-04-02T20:49:44.453Z",
"dateUpdated": "2026-04-08T20:12:15.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-35477 (GCVE-0-2026-35477)
Vulnerability from cvelistv5 – Published: 2026-04-08 19:20 – Updated: 2026-04-10 20:43
VLAI?
Title
InvenTree has SSTI in PART_NAME_FORMAT bypasses CVE-2026-27629 fix via {% if part.pk %} sandbox escape
Summary
InvenTree is an Open Source Inventory Management System. From 1.2.3 to 1.2.6, the fix for CVE-2026-27629 upgraded the PART_NAME_FORMAT validator to use jinja2.sandbox.SandboxedEnvironment. However, the actual renderer in part/helpers.py was not updated and still uses the non-sandboxed jinja2.Environment. Additionally, the validator uses a dummy Part instance with pk=None, which allows conditional template expressions to behave differently during validation versus production rendering. A staff user with settings access can craft a template that passes validation but executes arbitrary code during rendering. This issue requires access by a user with granted staff permissions. This vulnerability is fixed in 1.2.7 and 1.3.0.
Severity ?
5.5 (Medium)
CWE
- CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-35477",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-10T20:43:01.777985Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-10T20:43:12.243Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "InvenTree",
"vendor": "inventree",
"versions": [
{
"status": "affected",
"version": "\u003e= 1.2.3, \u003c 1.2.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "InvenTree is an Open Source Inventory Management System. From 1.2.3 to 1.2.6, the fix for CVE-2026-27629 upgraded the PART_NAME_FORMAT validator to use jinja2.sandbox.SandboxedEnvironment. However, the actual renderer in part/helpers.py was not updated and still uses the non-sandboxed jinja2.Environment. Additionally, the validator uses a dummy Part instance with pk=None, which allows conditional template expressions to behave differently during validation versus production rendering. A staff user with settings access can craft a template that passes validation but executes arbitrary code during rendering. This issue requires access by a user with granted staff permissions. This vulnerability is fixed in 1.2.7 and 1.3.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T19:20:58.967Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/inventree/InvenTree/security/advisories/GHSA-84jh-x777-8pqq",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/inventree/InvenTree/security/advisories/GHSA-84jh-x777-8pqq"
}
],
"source": {
"advisory": "GHSA-84jh-x777-8pqq",
"discovery": "UNKNOWN"
},
"title": "InvenTree has SSTI in PART_NAME_FORMAT bypasses CVE-2026-27629 fix via {% if part.pk %} sandbox escape"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-35477",
"datePublished": "2026-04-08T19:20:58.967Z",
"dateReserved": "2026-04-02T20:49:44.453Z",
"dateUpdated": "2026-04-10T20:43:12.243Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-33531 (GCVE-0-2026-33531)
Vulnerability from cvelistv5 – Published: 2026-03-26 19:40 – Updated: 2026-03-27 19:47
VLAI?
Title
InvenTree has Path Traversal In Report Templates
Summary
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, a path traversal vulnerability in the report template engine allows a staff-level user to read arbitrary files from the server filesystem via crafted template tags. Affected functions: `encode_svg_image()`, `asset()`, and `uploaded_image()` in `src/backend/InvenTree/report/templatetags/report.py`. This requires staff access (to upload / edit templates with maliciously crafted tags). If the InvenTree installation is configured with high access privileges on the host system, this path traversal may allow file access outside of the InvenTree source directory. This issue is patched in version 1.2.6, and 1.3.0 (or above). Users should update to the patched versions. No known workarounds are available.
Severity ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33531",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-27T19:46:51.984002Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T19:47:03.887Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "InvenTree",
"vendor": "inventree",
"versions": [
{
"status": "affected",
"version": "\u003c 1.2.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, a path traversal vulnerability in the report template engine allows a staff-level user to read arbitrary files from the server filesystem via crafted template tags. Affected functions: `encode_svg_image()`, `asset()`, and `uploaded_image()` in `src/backend/InvenTree/report/templatetags/report.py`. This requires staff access (to upload / edit templates with maliciously crafted tags). If the InvenTree installation is configured with high access privileges on the host system, this path traversal may allow file access outside of the InvenTree source directory. This issue is patched in version 1.2.6, and 1.3.0 (or above). Users should update to the patched versions. No known workarounds are available."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-26T19:40:50.787Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/inventree/InvenTree/security/advisories/GHSA-rhc5-7c3r-c769",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/inventree/InvenTree/security/advisories/GHSA-rhc5-7c3r-c769"
},
{
"name": "https://github.com/inventree/InvenTree/pull/11579",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/inventree/InvenTree/pull/11579"
}
],
"source": {
"advisory": "GHSA-rhc5-7c3r-c769",
"discovery": "UNKNOWN"
},
"title": "InvenTree has Path Traversal In Report Templates"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-33531",
"datePublished": "2026-03-26T19:40:50.787Z",
"dateReserved": "2026-03-20T18:05:11.830Z",
"dateUpdated": "2026-03-27T19:47:03.887Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-33530 (GCVE-0-2026-33530)
Vulnerability from cvelistv5 – Published: 2026-03-26 19:34 – Updated: 2026-03-30 11:24
VLAI?
Title
InvenTree Vulnerable to ORM Filter Injection
Summary
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, certain API endpoints associated with bulk data operations can be hijacked to exfiltrate sensitive information from the database. The bulk operation API endpoints (e.g. `/api/part/`, `/api/stock/`, `/api/order/so/allocation/`, and others) accept a filters parameter that is passed directly to Django's ORM queryset.filter(**filters) without any field allowlisting. This enables any authenticated user to traverse model relationships using Django's __ lookup syntax and perform blind boolean-based data extraction. This issue is patched in version 1.2.6, and 1.3.0 (or above). Users should update to the patched versions. No known workarounds are available.
Severity ?
7.7 (High)
CWE
- CWE-202 - Exposure of Sensitive Information Through Data Queries
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33530",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-30T11:24:21.708647Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-30T11:24:37.542Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "InvenTree",
"vendor": "inventree",
"versions": [
{
"status": "affected",
"version": "\u003c 1.2.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, certain API endpoints associated with bulk data operations can be hijacked to exfiltrate sensitive information from the database. The bulk operation API endpoints (e.g. `/api/part/`, `/api/stock/`, `/api/order/so/allocation/`, and others) accept a filters parameter that is passed directly to Django\u0027s ORM queryset.filter(**filters) without any field allowlisting. This enables any authenticated user to traverse model relationships using Django\u0027s __ lookup syntax and perform blind boolean-based data extraction. This issue is patched in version 1.2.6, and 1.3.0 (or above). Users should update to the patched versions. No known workarounds are available."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-202",
"description": "CWE-202: Exposure of Sensitive Information Through Data Queries",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-26T19:34:51.294Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/inventree/InvenTree/security/advisories/GHSA-m8j2-vfmq-p6qg",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/inventree/InvenTree/security/advisories/GHSA-m8j2-vfmq-p6qg"
},
{
"name": "https://github.com/inventree/InvenTree/pull/11581",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/inventree/InvenTree/pull/11581"
}
],
"source": {
"advisory": "GHSA-m8j2-vfmq-p6qg",
"discovery": "UNKNOWN"
},
"title": "InvenTree Vulnerable to ORM Filter Injection"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-33530",
"datePublished": "2026-03-26T19:34:51.294Z",
"dateReserved": "2026-03-20T18:05:11.830Z",
"dateUpdated": "2026-03-30T11:24:37.542Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-27629 (GCVE-0-2026-27629)
Vulnerability from cvelistv5 – Published: 2026-02-25 02:48 – Updated: 2026-02-26 21:33
VLAI?
Title
InvenTree Vulnerable to Server Side Template Injection (SSTI)
Summary
InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom batch codes, the InvenTree server makes use of a customizable jinja2 template, which can be modified by a staff user to exfiltrate sensitive information or perform code execution on the server. This issue requires access by a user with granted staff permissions, followed by a request to generate a custom batch code via the API. Once the template has been modified in a malicious manner, the API call to generate a new batch code could be made by other users, and the template code will be executed with their user context. The code has been patched to ensure that all template generation is performed within a secure sandboxed context. This issue has been addressed in version 1.2.3, and any versions from 1.3.0 onwards. Some workarounds are available. The batch code template is a configurable global setting which can be adjusted via any user with staff access. To prevent this setting from being edited, it can be overridden at a system level to a default value, preventing it from being edited. This requires system administrator access, and cannot be changed from the client side once the server is running. It is recommended that for InvenTree installations prior to 1.2.3 the `STOCK_BATCH_CODE_TEMPLATE` and `PART_NAME_FORMAT` global settings are overridden at the system level to prevent editing.
Severity ?
5.9 (Medium)
CWE
- CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-27629",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-26T21:06:58.547845Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T21:33:40.971Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "InvenTree",
"vendor": "inventree",
"versions": [
{
"status": "affected",
"version": "\u003c 1.2.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "InvenTree is an Open Source Inventory Management System. Prior to version 1.2.3, insecure server-side templates can be hijacked to expose secure information to the client. When generating custom batch codes, the InvenTree server makes use of a customizable jinja2 template, which can be modified by a staff user to exfiltrate sensitive information or perform code execution on the server. This issue requires access by a user with granted staff permissions, followed by a request to generate a custom batch code via the API. Once the template has been modified in a malicious manner, the API call to generate a new batch code could be made by other users, and the template code will be executed with their user context. The code has been patched to ensure that all template generation is performed within a secure sandboxed context. This issue has been addressed in version 1.2.3, and any versions from 1.3.0 onwards. Some workarounds are available. The batch code template is a configurable global setting which can be adjusted via any user with staff access. To prevent this setting from being edited, it can be overridden at a system level to a default value, preventing it from being edited. This requires system administrator access, and cannot be changed from the client side once the server is running. It is recommended that for InvenTree installations prior to 1.2.3 the `STOCK_BATCH_CODE_TEMPLATE` and `PART_NAME_FORMAT` global settings are overridden at the system level to prevent editing."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1336",
"description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-25T02:48:41.934Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/inventree/InvenTree/security/advisories/GHSA-cx85-vr3q-9x4m",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/inventree/InvenTree/security/advisories/GHSA-cx85-vr3q-9x4m"
}
],
"source": {
"advisory": "GHSA-cx85-vr3q-9x4m",
"discovery": "UNKNOWN"
},
"title": "InvenTree Vulnerable to Server Side Template Injection (SSTI)"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-27629",
"datePublished": "2026-02-25T02:48:41.934Z",
"dateReserved": "2026-02-20T22:02:30.028Z",
"dateUpdated": "2026-02-26T21:33:40.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-49000 (GCVE-0-2025-49000)
Vulnerability from cvelistv5 – Published: 2025-06-03 20:54 – Updated: 2025-06-04 13:49
VLAI?
Title
InvenTree has uncontrolled memory allocation via built-in label-sheet plugin
Summary
InvenTree is an Open Source Inventory Management System. Prior to version 0.17.13, the skip field in the built-in `label-sheet` plugin lacks an upper bound, so a large value forces the server to allocate an enormous Python list. This lets any authenticated label-printing user trigger a denial-of-service via memory exhaustion. the issue is fixed in versions 0.17.13 and higher. No workaround is available aside from upgrading to the patched version.
Severity ?
CWE
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-49000",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-04T13:49:23.265294Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-04T13:49:33.402Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "InvenTree",
"vendor": "inventree",
"versions": [
{
"status": "affected",
"version": "\u003c 0.17.13"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "InvenTree is an Open Source Inventory Management System. Prior to version 0.17.13, the skip field in the built-in `label-sheet` plugin lacks an upper bound, so a large value forces the server to allocate an enormous Python list. This lets any authenticated label-printing user trigger a denial-of-service via memory exhaustion. the issue is fixed in versions 0.17.13 and higher. No workaround is available aside from upgrading to the patched version."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T20:54:27.744Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/inventree/InvenTree/security/advisories/GHSA-m2ch-h84r-p9r6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/inventree/InvenTree/security/advisories/GHSA-m2ch-h84r-p9r6"
},
{
"name": "https://github.com/inventree/InvenTree/commit/0826a75ef6dde0ad96d680f52a9cf171ba2ce98b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/inventree/InvenTree/commit/0826a75ef6dde0ad96d680f52a9cf171ba2ce98b"
},
{
"name": "https://github.com/inventree/InvenTree/releases/tag/0.17.13",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/inventree/InvenTree/releases/tag/0.17.13"
}
],
"source": {
"advisory": "GHSA-m2ch-h84r-p9r6",
"discovery": "UNKNOWN"
},
"title": "InvenTree has uncontrolled memory allocation via built-in label-sheet plugin"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-49000",
"datePublished": "2025-06-03T20:54:27.744Z",
"dateReserved": "2025-05-29T16:34:07.174Z",
"dateUpdated": "2025-06-04T13:49:33.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47610 (GCVE-0-2024-47610)
Vulnerability from cvelistv5 – Published: 2024-10-07 20:45 – Updated: 2024-10-08 14:20
VLAI?
Title
Stored Cross-site Scripting Vulnerability in Markdown Editor
Summary
InvenTree is an Open Source Inventory Management System. In affected versions of InvenTree it is possible for a registered user to store javascript in markdown notes fields, which are then displayed to other logged in users who visit the same page and executed. The vulnerability has been addressed as follows: 1. HTML sanitization has been enabled in the front-end markdown rendering library - `easymde`. 2. Stored markdown is also validated on the backend, to ensure that malicious markdown is not stored in the database. These changes are available in release versions 0.16.5 and later. All users are advised to upgrade. There are no workarounds, an update is required to get the new validation functions.
Severity ?
7.3 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:inventree_project:inventree:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "inventree",
"vendor": "inventree_project",
"versions": [
{
"lessThan": "0.16.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47610",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-08T14:19:51.523550Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-08T14:20:43.155Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "InvenTree",
"vendor": "inventree",
"versions": [
{
"status": "affected",
"version": "\u003c 0.16.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "InvenTree is an Open Source Inventory Management System. In affected versions of InvenTree it is possible for a registered user to store javascript in markdown notes fields, which are then displayed to other logged in users who visit the same page and executed. The vulnerability has been addressed as follows: 1. HTML sanitization has been enabled in the front-end markdown rendering library - `easymde`. 2. Stored markdown is also validated on the backend, to ensure that malicious markdown is not stored in the database. These changes are available in release versions 0.16.5 and later. All users are advised to upgrade. There are no workarounds, an update is required to get the new validation functions."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-07T20:45:20.510Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/inventree/InvenTree/security/advisories/GHSA-wp3m-jhgv-rhqr",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/inventree/InvenTree/security/advisories/GHSA-wp3m-jhgv-rhqr"
},
{
"name": "https://github.com/inventree/InvenTree/commit/6e37f0cd8ba5fc527412f18f66cd6a37015fa690",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/inventree/InvenTree/commit/6e37f0cd8ba5fc527412f18f66cd6a37015fa690"
}
],
"source": {
"advisory": "GHSA-wp3m-jhgv-rhqr",
"discovery": "UNKNOWN"
},
"title": "Stored Cross-site Scripting Vulnerability in Markdown Editor"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-47610",
"datePublished": "2024-10-07T20:45:20.510Z",
"dateReserved": "2024-09-27T20:37:22.120Z",
"dateUpdated": "2024-10-08T14:20:43.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-3355 (GCVE-0-2022-3355)
Vulnerability from cvelistv5 – Published: 2022-09-29 09:25 – Updated: 2025-05-20 19:36
VLAI?
Title
Cross-site Scripting (XSS) - Stored in inventree/inventree
Summary
Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.8.3.
Severity ?
8.2 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| inventree | inventree/inventree |
Affected:
unspecified , < 0.8.3
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:07:06.564Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/4b7fb92c-f06b-4bbf-82dc-9f013b30b6a6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/inventree/inventree/commit/5a08ef908dd5344b4433436a4679d122f7f99e41"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-3355",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T19:35:04.241878Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T19:36:18.543Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "inventree/inventree",
"vendor": "inventree",
"versions": [
{
"lessThan": "0.8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.8.3."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-29T09:25:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/4b7fb92c-f06b-4bbf-82dc-9f013b30b6a6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/inventree/inventree/commit/5a08ef908dd5344b4433436a4679d122f7f99e41"
}
],
"source": {
"advisory": "4b7fb92c-f06b-4bbf-82dc-9f013b30b6a6",
"discovery": "EXTERNAL"
},
"title": "Cross-site Scripting (XSS) - Stored in inventree/inventree",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-3355",
"STATE": "PUBLIC",
"TITLE": "Cross-site Scripting (XSS) - Stored in inventree/inventree"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "inventree/inventree",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "0.8.3"
}
]
}
}
]
},
"vendor_name": "inventree"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.8.3."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/4b7fb92c-f06b-4bbf-82dc-9f013b30b6a6",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/4b7fb92c-f06b-4bbf-82dc-9f013b30b6a6"
},
{
"name": "https://github.com/inventree/inventree/commit/5a08ef908dd5344b4433436a4679d122f7f99e41",
"refsource": "MISC",
"url": "https://github.com/inventree/inventree/commit/5a08ef908dd5344b4433436a4679d122f7f99e41"
}
]
},
"source": {
"advisory": "4b7fb92c-f06b-4bbf-82dc-9f013b30b6a6",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-3355",
"datePublished": "2022-09-29T09:25:11.000Z",
"dateReserved": "2022-09-29T00:00:00.000Z",
"dateUpdated": "2025-05-20T19:36:18.543Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2134 (GCVE-0-2022-2134)
Vulnerability from cvelistv5 – Published: 2022-06-20 00:00 – Updated: 2024-08-03 00:24
VLAI?
Title
Allocation of Resources Without Limits or Throttling in inventree/inventree
Summary
Allocation of Resources Without Limits or Throttling in GitHub repository inventree/inventree prior to 0.8.0.
Severity ?
7.1 (High)
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| inventree | inventree/inventree |
Affected:
unspecified , < 0.8.0
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:24:44.433Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/57b0f272-a97f-4cb3-b546-c863c68a561a"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/inventree/inventree/commit/63b4ff3eb6e80861962fafe79c9b483cd7239d6c"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "inventree/inventree",
"vendor": "inventree",
"versions": [
{
"lessThan": "0.8.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Allocation of Resources Without Limits or Throttling in GitHub repository inventree/inventree prior to 0.8.0."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-06-29T00:00:00.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/57b0f272-a97f-4cb3-b546-c863c68a561a"
},
{
"url": "https://github.com/inventree/inventree/commit/63b4ff3eb6e80861962fafe79c9b483cd7239d6c"
}
],
"source": {
"advisory": "57b0f272-a97f-4cb3-b546-c863c68a561a",
"discovery": "EXTERNAL"
},
"title": "Allocation of Resources Without Limits or Throttling in inventree/inventree"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-2134",
"datePublished": "2022-06-20T00:00:00.000Z",
"dateReserved": "2022-06-20T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:24:44.433Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2113 (GCVE-0-2022-2113)
Vulnerability from cvelistv5 – Published: 2022-06-17 10:20 – Updated: 2024-08-03 00:24
VLAI?
Title
Cross-site Scripting (XSS) - Stored in inventree/inventree
Summary
Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.7.2.
Severity ?
8.4 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| inventree | inventree/inventree |
Affected:
unspecified , < 0.7.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:24:44.184Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/4cae8442-c042-43c2-ad89-6f666eaf3d57"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "inventree/inventree",
"vendor": "inventree",
"versions": [
{
"lessThan": "0.7.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.7.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-17T10:20:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/4cae8442-c042-43c2-ad89-6f666eaf3d57"
}
],
"source": {
"advisory": "4cae8442-c042-43c2-ad89-6f666eaf3d57",
"discovery": "EXTERNAL"
},
"title": "Cross-site Scripting (XSS) - Stored in inventree/inventree",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-2113",
"STATE": "PUBLIC",
"TITLE": "Cross-site Scripting (XSS) - Stored in inventree/inventree"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "inventree/inventree",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "0.7.2"
}
]
}
}
]
},
"vendor_name": "inventree"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.7.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f",
"refsource": "MISC",
"url": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f"
},
{
"name": "https://huntr.dev/bounties/4cae8442-c042-43c2-ad89-6f666eaf3d57",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/4cae8442-c042-43c2-ad89-6f666eaf3d57"
}
]
},
"source": {
"advisory": "4cae8442-c042-43c2-ad89-6f666eaf3d57",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-2113",
"datePublished": "2022-06-17T10:20:10.000Z",
"dateReserved": "2022-06-17T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:24:44.184Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2112 (GCVE-0-2022-2112)
Vulnerability from cvelistv5 – Published: 2022-06-17 10:15 – Updated: 2024-08-03 00:24
VLAI?
Title
Improper Neutralization of Formula Elements in a CSV File in inventree/inventree
Summary
Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2.
Severity ?
9 (Critical)
CWE
- CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| inventree | inventree/inventree |
Affected:
unspecified , < 0.7.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:24:44.196Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/e57c36e7-fa39-435f-944a-3a52ee066f73"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "inventree/inventree",
"vendor": "inventree",
"versions": [
{
"lessThan": "0.7.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1236",
"description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-17T10:15:16.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/e57c36e7-fa39-435f-944a-3a52ee066f73"
}
],
"source": {
"advisory": "e57c36e7-fa39-435f-944a-3a52ee066f73",
"discovery": "EXTERNAL"
},
"title": "Improper Neutralization of Formula Elements in a CSV File in inventree/inventree",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-2112",
"STATE": "PUBLIC",
"TITLE": "Improper Neutralization of Formula Elements in a CSV File in inventree/inventree"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "inventree/inventree",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "0.7.2"
}
]
}
}
]
},
"vendor_name": "inventree"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f",
"refsource": "MISC",
"url": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f"
},
{
"name": "https://huntr.dev/bounties/e57c36e7-fa39-435f-944a-3a52ee066f73",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/e57c36e7-fa39-435f-944a-3a52ee066f73"
}
]
},
"source": {
"advisory": "e57c36e7-fa39-435f-944a-3a52ee066f73",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-2112",
"datePublished": "2022-06-17T10:15:16.000Z",
"dateReserved": "2022-06-17T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:24:44.196Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-2111 (GCVE-0-2022-2111)
Vulnerability from cvelistv5 – Published: 2022-06-17 10:10 – Updated: 2024-08-03 00:24
VLAI?
Title
Unrestricted Upload of File with Dangerous Type in inventree/inventree
Summary
Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2.
Severity ?
9 (Critical)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| inventree | inventree/inventree |
Affected:
unspecified , < 0.7.2
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:24:44.204Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://huntr.dev/bounties/a0e5c68e-0f75-499b-bd7b-d935fb8c0cd1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "inventree/inventree",
"vendor": "inventree",
"versions": [
{
"lessThan": "0.7.2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-17T10:10:10.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://huntr.dev/bounties/a0e5c68e-0f75-499b-bd7b-d935fb8c0cd1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f"
}
],
"source": {
"advisory": "a0e5c68e-0f75-499b-bd7b-d935fb8c0cd1",
"discovery": "EXTERNAL"
},
"title": "Unrestricted Upload of File with Dangerous Type in inventree/inventree",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@huntr.dev",
"ID": "CVE-2022-2111",
"STATE": "PUBLIC",
"TITLE": "Unrestricted Upload of File with Dangerous Type in inventree/inventree"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "inventree/inventree",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "0.7.2"
}
]
}
}
]
},
"vendor_name": "inventree"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unrestricted Upload of File with Dangerous Type in GitHub repository inventree/inventree prior to 0.7.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://huntr.dev/bounties/a0e5c68e-0f75-499b-bd7b-d935fb8c0cd1",
"refsource": "CONFIRM",
"url": "https://huntr.dev/bounties/a0e5c68e-0f75-499b-bd7b-d935fb8c0cd1"
},
{
"name": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f",
"refsource": "MISC",
"url": "https://github.com/inventree/inventree/commit/26bf51c20a1c9b3130ac5dd2e17649bece5ff84f"
}
]
},
"source": {
"advisory": "a0e5c68e-0f75-499b-bd7b-d935fb8c0cd1",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-2111",
"datePublished": "2022-06-17T10:10:10.000Z",
"dateReserved": "2022-06-17T00:00:00.000Z",
"dateUpdated": "2024-08-03T00:24:44.204Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}