Browse all 21 CVE security advisories affecting Jfrog. AI-powered Chinese analysis, POCs, and references for each vulnerability.
JFrog operates as a leading provider of software supply chain management solutions, primarily offering artifact repository services and DevOps automation tools that enable organizations to build, store, and distribute software components. The platform’s extensive integration into continuous integration and deployment pipelines makes it a critical infrastructure component for modern software development lifecycles. Historically, security assessments have identified vulnerabilities within its ecosystem, including remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from underlying web frameworks or misconfigured access controls. While no catastrophic data breaches have publicly defined the company’s security history, the presence of multiple Common Vulnerabilities and Exposures highlights the inherent risks associated with complex enterprise software. Maintaining rigorous patch management and strict access controls remains essential for mitigating these potential entry points and ensuring the integrity of the software supply chain.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-0668 | JFrog Artifactory 安全漏洞 — JFrog ArtifactoryCWE-274 | 5.3 | Medium | 2023-01-08 |
| CVE-2021-23163 | JFrog Artifactory 跨站请求伪造漏洞 — JFrog ArtifactoryCWE-352 | 3.1 | Low | 2022-07-06 |
| CVE-2021-46687 | JFrog Artifactory 安全漏洞 — JFrog ArtifactoryCWE-359 | 4.9 | Medium | 2022-07-06 |
| CVE-2021-45721 | JFrog Artifactory 跨站脚本漏洞 — JFrog ArtifactoryCWE-79 | 6.1 | Medium | 2022-07-06 |
| CVE-2022-0573 | JFrog Artifactory 代码问题漏洞 — JFrog ArtifactoryCWE-502 | 8.8 | High | 2022-05-16 |
| CVE-2021-46270 | JFrog Artifactory 安全漏洞 — JFrog ArtifactoryCWE-284 | 2.7 | Low | 2022-03-02 |
| CVE-2021-45074 | JFrog Artifactory 安全漏洞 — JFrog ArtifactoryCWE-284 | 4.3 | Medium | 2022-03-02 |
| CVE-2021-3860 | Jfrog JFrog Artifactory SQL注入漏洞 — JFrog ArtifactoryCWE-89 | 8.8 | High | 2021-12-20 |
This page lists every published CVE security advisory associated with Jfrog. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.