Every CVE whose affected-product data names Asana Desktop, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-49314 — CVSS 7.8 (high): Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. There is inadequate protection against code…
CVE-2022-26877 — CVSS 6.5 (medium): Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local files if they can trick the Asana desktop app into loading a…