All 6 CVE vulnerabilities found in Zowe, with AI-generated Chinese analysis, references, and POCs.
Vendor: Open Mainframe Project
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-9802 | Conformance validation endpoint discloses detail about service to unauthenticated users | 5.3 | Medium | 2024-10-10 |
| CVE-2024-9798 | Health endpoint offers list of onboarded services to unauthenticated users | 5.3 | Critical | 2024-10-10 |
| CVE-2024-6834 | Imperative Local Command Injection allows Activity Masking | 9.0 | Critical | 2024-07-17 |
| CVE-2024-6833 | Zowe CLI Auto-Init Leaks Credentials Locally | 5.9 | Medium | 2024-07-17 |
| CVE-2021-4326 | Imperative Local Command Injection allows Activity Masking | 3.3 | Low | 2023-02-22 |
| CVE-2021-4314 | API Mediation Layer 授权问题漏洞 CWE-269 | 5.3 | - | 2023-01-18 |
All 6 known CVE vulnerabilities affecting Zowe with full Chinese analysis, references, and POCs where available.