This page lists publicly disclosed CVE vulnerabilities affecting netflix lemur (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-30797 | Netflix Lemur before version 1.3.2 used insufficiently random values when generating default credentials. The insufficiently random values may allow an attacker to guess the credentials and gain access to resources managed by Lemur. | [email protected] | 7.5 | 0.78% | 2023-04-19 | 2026-06-17 |
| CVE-2015-7764 | Lemur 0.1.4 does not use sufficient entropy in its IV when encrypting AES in CBC mode. | [email protected] | 7.5 | 1.51% | 2017-08-09 | 2026-06-16 |