Vulnerabilities > Okfn

DATE CVE VULNERABILITY TITLE RISK
2024-08-21 CVE-2024-41674 Information Exposure Through an Error Message vulnerability in Okfn Ckan
CKAN is an open-source data management system for powering data hubs and data portals.
network
low complexity
okfn CWE-209
5.3
2024-08-21 CVE-2024-41675 Cross-site Scripting vulnerability in Okfn Ckan
CKAN is an open-source data management system for powering data hubs and data portals.
network
low complexity
okfn CWE-79
6.1
2024-08-21 CVE-2024-43371 Server-Side Request Forgery (SSRF) vulnerability in Okfn Ckan
CKAN is an open-source data management system for powering data hubs and data portals.
network
low complexity
okfn CWE-918
6.5
2023-12-13 CVE-2023-50248 Unspecified vulnerability in Okfn Ckan
CKAN is an open-source data management system for powering data hubs and data portals.
network
low complexity
okfn
6.5
2023-05-30 CVE-2023-32696 Improper Privilege Management vulnerability in Okfn Ckan
CKAN is an open-source data management system for powering data hubs and data portals.
network
low complexity
okfn CWE-269
8.8
2023-05-26 CVE-2023-32321 Unspecified vulnerability in Okfn Ckan
CKAN is an open-source data management system for powering data hubs and data portals.
network
low complexity
okfn
critical
9.8
2023-02-03 CVE-2023-22746 Unspecified vulnerability in Okfn Ckan
CKAN is an open-source DMS (data management system) for powering data hubs and data portals.
network
low complexity
okfn
7.5
2022-11-22 CVE-2022-43685 Unspecified vulnerability in Okfn Ckan
CKAN through 2.9.6 account takeovers by unauthenticated users when an existing user id is sent via an HTTP POST request.
network
low complexity
okfn
8.8
2021-12-01 CVE-2021-25967 Cross-site Scripting vulnerability in Okfn Ckan
In CKAN, versions 2.9.0 to 2.9.3 are affected by a stored XSS vulnerability via SVG file upload of users’ profile picture.
network
low complexity
okfn CWE-79
5.4