Bitdefender Gravityzone Update Server
3 CVEs affecting Bitdefender Gravityzone Update Server. Latest disclosed: 2025-04-04. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-6980 | Critical | 9.8 | 2024-07-31 | A verbose error handling issue in the proxy service implemented in the GravityZone Update Server allows an attacker to cause a server-side request forgery. Thi… |
CVE-2021-3823 | High | 7.1 | 2021-10-28 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an… |
CVE-2025-2245 | Medium | 5.3 | 2025-04-04 | A server-side request forgery (SSRF) vulnerability exists in the Bitdefender GravityZone Update Server when operating in Relay Mode. The HTTP proxy component o… |