| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-53260 | Course Roster vulnerable to CSV Injection in Autolab | autolab | Autolab | Medium | 6.8 | 2024-11-27 21:28:34 | Deep Dive |
| CVE-2024-53258 | download_all_submissions allows student to download another student's submissions in Autolab | autolab | Autolab | - | - | 2024-11-25 19:19:25 | Deep Dive |
| CVE-2024-52585 | Autolab has HTML Injection Vulnerability | autolab | Autolab | - | - | 2024-11-18 20:45:20 | Deep Dive |
| CVE-2024-52584 | Autolab has vulnerable submission endpoints | autolab | Autolab | - | - | 2024-11-18 20:43:22 | Deep Dive |
| CVE-2024-49376 | Autolab Has Misconfigured Reset Password Permissions | autolab | Autolab | 中危 | - | 2024-10-25 12:50:33 | Deep Dive |
| CVE-2023-44395 | Autolab has Path Traversal vulnerability in Assessment functionality | autolab | Autolab | Medium | 4.9 | 2024-01-22 14:51:14 | Deep Dive |
| CVE-2023-32676 | Autolab tar slip in Install Assessment functionality (`GHSL-2023-081`) | autolab | Autolab | Medium | 6.7 | 2023-05-26 22:44:09 | Deep Dive |
| CVE-2023-32317 | Autolab tar slip in cheat checker functionality (`GHSL-2023-082`) | autolab | Autolab | Medium | 6.7 | 2023-05-26 22:42:10 | Deep Dive |
| CVE-2022-41956 | Autolab is vulnerable to file disclosure via remote handin feature | autolab | Autolab | Medium | 6.5 | 2023-01-14 00:40:32 | Deep Dive |
| CVE-2022-41955 | Autolab is vulnerable to remote code execution (RCE) via MOSS functionality | autolab | Autolab | High | 8.8 | 2023-01-14 00:09:07 | Deep Dive |
| CVE-2022-0936 | Cross-site Scripting (XSS) - Stored in autolab/autolab | autolab | autolab/autolab | 中危 | - | 2022-04-11 06:15:15 | Deep Dive |