This page aggregates publicly disclosed CVE and security risk information related to opendap, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2007-2769 | BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 does not properly handle compressed files, which allows remote attackers to upload arbitrary files or execute arbitrary commands via a crafted compressed file. | [email protected] | 7.5 | 0.77% | 2007-05-21 | 2026-04-23 |
| CVE-2007-2767 | Unspecified vulnerability in BES before 3.5.0 in OPeNDAP 4 (Hydrax) before 1.2.1 allows remote attackers to list filesystem contents and obtain sensitive information via unknown vectors. | [email protected] | 7.8 | 0.90% | 2007-05-21 | 2026-04-23 |
| CVE-2007-2355 | The get_url function in DODS_Dispatch.pm for the CGI_server in OPeNDAP 3 allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | [email protected] | 10.0 | 5.63% | 2007-04-30 | 2026-04-23 |