Knime Knime Analytics Platform — known CVE vulnerabilities
Every CVE whose affected-product data names Knime Knime Analytics Platform, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2022-31500 — CVSS 7.8 (high): In KNIME Analytics Platform below 4.6.0, the Windows installer sets improper filesystem permissions.
CVE-2023-5562 — CVSS 6.1 (medium): An unsafe default configuration in KNIME Analytics Platform before 5.2.0 allows for a cross-site scripting attack. When KNIME Analytics…
CVE-2022-44749 — CVSS 5.5 (medium): A directory traversal vulnerability in the ZIP archive extraction routines of KNIME Analytics Platform 3.2.0 and above can result in…
CVE-2021-45096 — CVSS 4.7 (medium): KNIME Analytics Platform before 4.5.0 is vulnerable to XXE (external XML entity injection) via a crafted workflow file (.knwf), aka…