Evergreen-ils Evergreen — known CVE vulnerabilities
Every CVE whose affected-product data names Evergreen-ils Evergreen, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2015-2204 — CVSS 7.5 (high): Evergreen before 2.5.9, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to bypass an intended access restriction and…
CVE-2013-7435 — CVSS 6.5 (medium): The open-ils.pcrud endpoint in Evergreen before 2.5.9, 2.6.x before 2.6.7, and 2.7.x before 2.7.4 allows remote attackers to obtain…
CVE-2015-2203 — CVSS 6.5 (medium): Evergreen 2.5.9, 2.6.7, and 2.7.4 allows remote authenticated users with STAFF_LOGIN permission to obtain sensitive settings history…