Cyclonedx Bill Materials Repository Server
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Cyclonedx Bill Materials Repository Server.
By the Year
In 2026 there have been 0 vulnerabilities in Cyclonedx Bill Materials Repository Server. Bill Materials Repository Server did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 1 | 8.10 |
It may take a day or so for new Bill Materials Repository Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Cyclonedx Bill Materials Repository Server Security Vulnerabilities
CycloneDX BOM Repository Server is a bill of materials (BOM) repository server for distributing CycloneDX BOMs
CVE-2022-24774
8.1 - High
- March 22, 2022
CycloneDX BOM Repository Server is a bill of materials (BOM) repository server for distributing CycloneDX BOMs. CycloneDX BOM Repository Server before version 2.0.1 has an improper input validation vulnerability leading to path traversal. A malicious user may potentially exploit this vulnerability to create arbitrary directories or a denial of service by deleting arbitrary directories. The vulnerability is resolved in version 2.0.1. The vulnerability is not exploitable with the default configuration with the post and delete methods disabled. This can be configured by modifying the `appsettings.json` file, or alternatively, setting the environment variables `ALLOWEDMETHODS__POST` and `ALLOWEDMETHODS__DELETE` to `false`.
Directory traversal
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Cyclonedx Bill Materials Repository Server or by Cyclonedx? Click the Watch button to subscribe.
