Vulnerabilities > Okfn
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-13 | CVE-2023-50248 | Improper Handling of Length Parameter Inconsistency vulnerability in Okfn Ckan CKAN is an open-source data management system for powering data hubs and data portals. | 6.5 |
| 2023-05-30 | CVE-2023-32696 | Improper Privilege Management vulnerability in Okfn Ckan CKAN is an open-source data management system for powering data hubs and data portals. | 8.8 |
| 2023-05-26 | CVE-2023-32321 | Unspecified vulnerability in Okfn Ckan CKAN is an open-source data management system for powering data hubs and data portals. | 9.8 |
| 2023-02-03 | CVE-2023-22746 | Use of Invariant Value in Dynamically Changing Context vulnerability in Okfn Ckan CKAN is an open-source DMS (data management system) for powering data hubs and data portals. | 7.5 |
| 2022-11-22 | CVE-2022-43685 | Unspecified vulnerability in Okfn Ckan CKAN through 2.9.6 account takeovers by unauthenticated users when an existing user id is sent via an HTTP POST request. | 8.8 |
| 2021-12-01 | CVE-2021-25967 | Cross-site Scripting vulnerability in Okfn Ckan In CKAN, versions 2.9.0 to 2.9.3 are affected by a stored XSS vulnerability via SVG file upload of users’ profile picture. | 3.5 |