Vulnerabilities > CVE-2022-24729

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

NVD

Published: 2022-03-16

Updated: 2023-11-07

Summary

CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. CKEditor4 prior to version 4.18.0 contains a vulnerability in the `dialog` plugin. The vulnerability allows abuse of a dialog input validator regular expression, which can cause a significant performance drop resulting in a browser tab freeze. A patch is available in version 4.18.0. There are currently no known workarounds.

Vulnerable Configurations

Part	Description	Count
Application	Ckeditor Ckeditor Ckeditor 4.0 Ckeditor Ckeditor 4.0.1 Ckeditor Ckeditor 4.0.1.1 Ckeditor Ckeditor 4.0.2 Ckeditor Ckeditor 4.0.3 Ckeditor Ckeditor 4.1 Ckeditor Ckeditor 4.1.1 Ckeditor Ckeditor 4.1.2 Ckeditor Ckeditor 4.1.3 Ckeditor Ckeditor 4.2 Ckeditor Ckeditor 4.2.1 Ckeditor Ckeditor 4.2.2 Ckeditor Ckeditor 4.2.3 Ckeditor Ckeditor 4.3.0 Ckeditor Ckeditor 4.3.1 Ckeditor Ckeditor 4.3.2 Ckeditor Ckeditor 4.3.3 Ckeditor Ckeditor 4.3.4 Ckeditor Ckeditor 4.3.5 Ckeditor Ckeditor 4.4.0 Ckeditor Ckeditor 4.4.1 Ckeditor Ckeditor 4.4.2 Ckeditor Ckeditor 4.4.3 Ckeditor Ckeditor 4.4.4 Ckeditor Ckeditor 4.4.5 Ckeditor Ckeditor 4.4.6 Ckeditor Ckeditor 4.4.7 Ckeditor Ckeditor 4.4.8 Ckeditor Ckeditor 4.5.0 Ckeditor Ckeditor 4.5.1 Ckeditor Ckeditor 4.5.2 Ckeditor Ckeditor 4.5.3 Ckeditor Ckeditor 4.5.4 Ckeditor Ckeditor 4.5.5 Ckeditor Ckeditor 4.5.6 Ckeditor Ckeditor 4.5.7 Ckeditor Ckeditor 4.5.8 Ckeditor Ckeditor 4.5.9 Ckeditor Ckeditor 4.5.10 Ckeditor Ckeditor 4.5.11 Ckeditor Ckeditor 4.6.0 Ckeditor Ckeditor 4.6.1 Ckeditor Ckeditor 4.6.2 Ckeditor Ckeditor 4.7.0 Ckeditor Ckeditor 4.7.1 Ckeditor Ckeditor 4.7.2 Ckeditor Ckeditor 4.7.3 Ckeditor Ckeditor 4.8.0 Ckeditor Ckeditor 4.9.0 Ckeditor Ckeditor 4.9.1 Ckeditor Ckeditor 4.9.2 Ckeditor Ckeditor 4.10.0 Ckeditor Ckeditor 4.10.1 Ckeditor Ckeditor 4.11.0 Ckeditor Ckeditor 4.11.1 Ckeditor Ckeditor 4.11.2 Ckeditor Ckeditor 4.11.3 Ckeditor Ckeditor 4.11.4 Ckeditor Ckeditor 4.13.0 Ckeditor Ckeditor 4.13.1 Ckeditor Ckeditor 4.14 Ckeditor Ckeditor 4.14.0 Ckeditor Ckeditor 4.14.1 Ckeditor Ckeditor 4.15.0 Ckeditor Ckeditor 4.15.1 Ckeditor Ckeditor 4.16 Ckeditor Ckeditor 4.16.0 Ckeditor Ckeditor 4.16.1 Ckeditor Ckeditor 4.16.2 Ckeditor Ckeditor 4.17.0 Ckeditor Ckeditor 4.17.1 Ckeditor Ckeditor 4.17.2	80
Application	Drupal Drupal Drupal 9.3.0 Drupal Drupal 9.3.1 Drupal Drupal 9.3.2 Drupal Drupal 9.3.3 Drupal Drupal 9.3.4 Drupal Drupal 9.3.5 Drupal Drupal 9.3.6 Drupal Drupal 9.3.7 Drupal Drupal 8.0.0 Drupal Drupal 8.0.1 Drupal Drupal 8.0.2 Drupal Drupal 8.0.3 Drupal Drupal 8.0.4 Drupal Drupal 8.0.5 Drupal Drupal 8.0.6 Drupal Drupal 8.1.0 Drupal Drupal 8.1.1 Drupal Drupal 8.1.2 Drupal Drupal 8.1.3 Drupal Drupal 8.1.4 Drupal Drupal 8.1.5 Drupal Drupal 8.1.6 Drupal Drupal 8.1.7 Drupal Drupal 8.1.8 Drupal Drupal 8.1.9 Drupal Drupal 8.1.10 Drupal Drupal 8.2.0 Drupal Drupal 8.2.1 Drupal Drupal 8.2.2 Drupal Drupal 8.2.3 Drupal Drupal 8.2.4 Drupal Drupal 8.2.5 Drupal Drupal 8.2.6 Drupal Drupal 8.2.7 Drupal Drupal 8.2.8 Drupal Drupal 8.3.0 Drupal Drupal 8.3.1 Drupal Drupal 8.3.2 Drupal Drupal 8.3.3 Drupal Drupal 8.3.4 Drupal Drupal 8.3.5 Drupal Drupal 8.3.6 Drupal Drupal 8.3.7 Drupal Drupal 8.3.8 Drupal Drupal 8.3.9 Drupal Drupal 8.4.0 Drupal Drupal 8.4.1 Drupal Drupal 8.4.2 Drupal Drupal 8.4.3 Drupal Drupal 8.4.4 Drupal Drupal 8.4.5 Drupal Drupal 8.4.6 Drupal Drupal 8.4.7 Drupal Drupal 8.4.8 Drupal Drupal 8.5.0 Drupal Drupal 8.5.1 Drupal Drupal 8.5.2 Drupal Drupal 8.5.3 Drupal Drupal 8.5.4 Drupal Drupal 8.5.5 Drupal Drupal 8.5.6 Drupal Drupal 8.5.7 Drupal Drupal 8.5.8 Drupal Drupal 8.5.9 Drupal Drupal 8.5.10 Drupal Drupal 8.5.11 Drupal Drupal 8.5.12 Drupal Drupal 8.5.13 Drupal Drupal 8.5.14 Drupal Drupal 8.5.15 Drupal Drupal 8.6.0 Drupal Drupal 8.6.1 Drupal Drupal 8.6.2 Drupal Drupal 8.6.3 Drupal Drupal 8.6.4 Drupal Drupal 8.6.5 Drupal Drupal 8.6.6 Drupal Drupal 8.6.7 Drupal Drupal 8.6.8 Drupal Drupal 8.6.9 Drupal Drupal 8.6.10 Drupal Drupal 8.6.11 Drupal Drupal 8.6.12 Drupal Drupal 8.6.13 Drupal Drupal 8.6.14 Drupal Drupal 8.6.15 Drupal Drupal 8.6.16 Drupal Drupal 8.6.17 Drupal Drupal 8.6.18 Drupal Drupal 8.7.0 Drupal Drupal 8.7.1 Drupal Drupal 8.7.2 Drupal Drupal 8.7.3 Drupal Drupal 8.7.4 Drupal Drupal 8.7.5 Drupal Drupal 8.7.6 Drupal Drupal 8.7.7 Drupal Drupal 8.7.8 Drupal Drupal 8.7.9 Drupal Drupal 8.7.10 Drupal Drupal 8.7.11 Drupal Drupal 8.7.12 Drupal Drupal 8.7.13 Drupal Drupal 8.7.14 Drupal Drupal 8.8.0 Drupal Drupal 8.8.1 Drupal Drupal 8.8.2 Drupal Drupal 8.8.3 Drupal Drupal 8.8.4 Drupal Drupal 8.8.5 Drupal Drupal 8.8.6 Drupal Drupal 8.8.7 Drupal Drupal 8.8.8 Drupal Drupal 8.8.9 Drupal Drupal 8.8.10 Drupal Drupal 8.8.11 Drupal Drupal 8.8.12 Drupal Drupal 8.9.0 Drupal Drupal 8.9.1 Drupal Drupal 8.9.2 Drupal Drupal 8.9.3 Drupal Drupal 8.9.4 Drupal Drupal 8.9.5 Drupal Drupal 8.9.6 Drupal Drupal 8.9.7 Drupal Drupal 8.9.8 Drupal Drupal 8.9.9 Drupal Drupal 8.9.10 Drupal Drupal 8.9.11 Drupal Drupal 8.9.12 Drupal Drupal 8.9.13 Drupal Drupal 8.9.14 Drupal Drupal 8.9.15 Drupal Drupal 8.9.16 Drupal Drupal 8.9.17 Drupal Drupal 8.9.18 Drupal Drupal 8.9.19 Drupal Drupal 8.9.20 Drupal Drupal 9.0.0 Drupal Drupal 9.0.1 Drupal Drupal 9.0.2 Drupal Drupal 9.0.3 Drupal Drupal 9.0.4 Drupal Drupal 9.0.5 Drupal Drupal 9.0.6 Drupal Drupal 9.0.7 Drupal Drupal 9.0.8 Drupal Drupal 9.0.9 Drupal Drupal 9.0.10 Drupal Drupal 9.0.11 Drupal Drupal 9.0.12 Drupal Drupal 9.0.13 Drupal Drupal 9.0.14 Drupal Drupal 9.1.0 Drupal Drupal 9.1.1 Drupal Drupal 9.1.2 Drupal Drupal 9.1.3 Drupal Drupal 9.1.4 Drupal Drupal 9.1.5 Drupal Drupal 9.1.6 Drupal Drupal 9.1.7 Drupal Drupal 9.1.8 Drupal Drupal 9.1.9 Drupal Drupal 9.1.10 Drupal Drupal 9.1.11 Drupal Drupal 9.1.12 Drupal Drupal 9.1.13 Drupal Drupal 9.1.14 Drupal Drupal 9.1.15 Drupal Drupal 9.2.0 Drupal Drupal 9.2.1 Drupal Drupal 9.2.2 Drupal Drupal 9.2.3 Drupal Drupal 9.2.4 Drupal Drupal 9.2.5 Drupal Drupal 9.2.6 Drupal Drupal 9.2.7 Drupal Drupal 9.2.8 Drupal Drupal 9.2.9 Drupal Drupal 9.2.10 Drupal Drupal 9.2.11 Drupal Drupal 9.2.12 Drupal Drupal 9.2.13 Drupal Drupal 9.2.14	272
Application	Oracle Oracle Peoplesoft Enterprise Peopletools 8.58 Oracle Peoplesoft Enterprise Peopletools 8.59 Oracle Commerce Merchandising 11.3.2 Oracle Financial Services Trade Based Anti Money Laundering 8.0.7 Oracle Financial Services Trade Based Anti Money Laundering 8.0.8 Oracle Financial Services Analytical Applications Infrastructure 8.1.2.0 Oracle Financial Services Analytical Applications Infrastructure 8.1.1.0 Oracle Financial Services Analytical Applications Infrastructure 8.1.2.1 Oracle Financial Services Analytical Applications Infrastructure 8.0.7.0.0 Oracle Financial Services Analytical Applications Infrastructure 8.0.7.1.0 Oracle Financial Services Analytical Applications Infrastructure 8.0.7.2.0 Oracle Financial Services Analytical Applications Infrastructure 8.0.8 Oracle Financial Services Analytical Applications Infrastructure 8.0.8.0.0 Oracle Financial Services Analytical Applications Infrastructure 8.0.9 Oracle Financial Services Analytical Applications Infrastructure 8.0.9.0.0 Oracle Financial Services Analytical Applications Infrastructure 8.1.0 Oracle Financial Services Analytical Applications Infrastructure 8.1.0.0.0 Oracle Application Express - Oracle Application Express 3.0 Oracle Application Express 3.1 Oracle Application Express 3.2 Oracle Application Express 4.0 Oracle Application Express 4.1 Oracle Application Express 4.2 Oracle Application Express 5.0 Oracle Application Express 5.0.4 Oracle Application Express 5.1.0 Oracle Application Express 5.1.1 Oracle Application Express 5.1.2 Oracle Application Express 5.1.2.00.09 Oracle Application Express 5.1.3 Oracle Application Express 5.1.3.00.05 Oracle Application Express 5.1.4 Oracle Application Express 5.1.4.00.08 Oracle Application Express 18.2 Oracle Application Express 19.1 Oracle Application Express 19.2 Oracle Application Express 20.1 Oracle Application Express 20.2 Oracle Application Express 21.1.0 Oracle Application Express 21.1.0.00.01 Oracle Application Express 21.1.4 Oracle Financial Services Behavior Detection Platform 8.1.1.0 Oracle Financial Services Behavior Detection Platform 8.1.1.1 Oracle Financial Services Behavior Detection Platform 8.1.2.0 Oracle Financial Services Behavior Detection Platform 8.0.8.0 Oracle Financial Services Behavior Detection Platform 8.0.7.0	47
OS	Fedoraproject Fedoraproject Fedora 36 Fedoraproject Fedora 37	2

Vulnerabilities > CVE-2022-24729 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2022-24729"}]}

Summary

Vulnerable Configurations

References

Vulnerabilities > CVE-2022-24729