Security: yeti-platform/yeti
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
Report a vulnerability-
Unauthenticated Access to Full Audit Timeline Discloses All Threat Intelligence DataGHSA-34r4-95hx-gxqr published
Jul 1, 2026 by sebdravenHigh -
Authenticated AQL injection via unvalidated search sorting and filter_aliases parametersGHSA-vw33-fwfx-6m9p published
Jul 1, 2026 by sebdravenHigh -
Path traversal in DFIQ uuid allows authenticated arbitrary file write during archive exportGHSA-6xf2-8436-rgvf published
Jul 1, 2026 by sebdravenHigh -
Path traversal in ExportTask name allows authenticated arbitrary file read and writeGHSA-4q3w-w2g5-8wqq published
Jul 1, 2026 by sebdravenHigh -
Insecure default secret key specified in configGHSA-5xr8-4jgj-c5gm published
Oct 15, 2024 by tomchopModerate -
Server Side Template Injection in ExportsGHSA-p6jm-g6mf-c695 published
Oct 15, 2024 by tomchopHigh -
CVE-2024-45412: Potential Denial of Service due to the One Milion Unicode characters attackGHSA-cwwm-pq9x-2cxv published
Sep 10, 2024 by tomchopModerate
Learn more about advisories related to yeti-platform/yeti in the GitHub Advisory Database