CPE-D18CDAB1-1600-47B0-B76D-66970C8DC0BA Detail

CPE Details

Computer Vision Annotation Tool (CVAT) 2.14.3

Vendor

cvat

Product

computer_vision_annotation_tool

Version

2.14.3

Created

2024-10-31
11h17 +00:00

Modified

2024-10-31
11h17 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:cvat:computer_vision_annotation_tool:2.14.3:::::::*

Informations

Vendor

cvat

Product

computer_vision_annotation_tool

Version

2.14.3

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2024-47172	2024-09-30 15h00 +00:00	Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account may retrieve certain information about any project, task, job or membership resource on the CVAT instance. The information exposed in this way is the same as the information returned on a GET request to the resource. In addition, the attacker can also alter the default source and target storage associated with any project or task. Upgrade to CVAT 2.19.1 or any later version to fix the issue.	5.4	Medium
CVE-2024-47063	2024-09-30 14h45 +00:00	Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. If a malicious CVAT user with permissions to either create a task, or edit an existing task can trick another logged-in user into visiting a maliciously-constructed URL, they can initiate any API calls on that user's behalf. This gives the attacker temporary access to all data that the victim user has access to. Upgrade to CVAT 2.19.0 or a later version to fix this issue.	6.2	Medium
CVE-2024-45393	2024-09-10 15h04 +00:00	Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account can access webhook delivery information for any webhook registered on the CVAT instance, including that of other users. For each delivery, this contains information about the event that caused the delivery, typically including full details about the object on which an action was performed (such as the task for an "update:task" event), and the user who performed the action. In addition, the attacker can redeliver any past delivery of any webhook, and trigger a ping event for any webhook. Upgrade to CVAT 2.18.0 or any later version.	6.4	Medium

Computer Vision Annotation Tool (CVAT) 2.14.3

CPE Details

CPE Name: cpe:2.3:a:cvat:computer_vision_annotation_tool:2.14.3:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:cvat:computer_vision_annotation_tool:2.14.3:::::::*