Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:avalanche:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Avalanche (beae74b3-8169-58ab-a290-feba439cf09c) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-28128 |
vulnerable | 2026-06-08 06:01:09.707827 |
Details available
An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to achieve a remove code execution.
Published: 2023-05-09T00:00:00.000Z
Updated: 2025-01-28T20:46:12.382Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28127 |
vulnerable | 2026-06-08 06:01:09.705579 |
Details available
A path traversal vulnerability exists in Avalanche version 6.3.x and below that when exploited could result in possible information disclosure.
Published: 2023-05-09T00:00:00.000Z
Updated: 2025-01-28T21:07:56.659Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28126 |
vulnerable | 2026-06-08 06:01:09.705249 |
Details available
An authentication bypass vulnerability exists in Avalanche versions 6.3.x and below that could allow an attacker to gain access by exploiting the SetUser method or can exploit the Race Condition in the authentication message.
Published: 2023-05-09T00:00:00.000Z
Updated: 2025-01-29T14:24:55.609Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-28125 |
vulnerable | 2026-06-08 06:01:09.704078 |
Details available
An improper authentication vulnerability exists in Avalanche Premise versions 6.3.x and below that could allow an attacker to gain access to the server by registering to receive messages from the server and perform an authentication bypass.
Published: 2023-05-09T00:00:00.000Z
Updated: 2025-01-29T14:37:25.739Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.