Browse all 4 CVE security advisories affecting Zephyr. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Zephyr is a project management and issue tracking tool primarily used for organizing software development workflows. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues. The four recorded CVEs highlight consistent weaknesses in input validation and access control mechanisms. While no major public security incidents have been documented, the pattern of vulnerabilities suggests potential for unauthorized system compromise or data exposure. The tool's web interface and integration points remain primary attack surfaces, requiring regular patching and hardening to mitigate risks associated with its common vulnerability profile.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-3333 | Zephyr Project Manager REST Call cross site scripting — Project ManagerCWE-707 | 3.5 | Low | 2022-09-28 |
This page lists every published CVE security advisory associated with Zephyr. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.