Ckan

Latest version: v2.11.2

Vulnerabilities (14)

CVE/PVE	Vulnerability ID	Advisory	Affected versions	Severity	Severity Score
PVE-2021-39613	39613	Ckan 2.6.9, 2.7.7 and 2.8.4 fix a code injection issue in the autocom…	<2.6.9 >=2.7.0,<2.7.7 >=2.8.0,<2.8.4	HIDDEN	X.Y
CVE-2023-32696	64195	CKAN is an open-source data management system for powering data hubs …	<2.9.9 ==2.10.0	HIGH	8.8
CVE-2024-27097	71909	A user endpoint didn't perform filtering on an incoming parameter, wh…	<2.9.11 >=2.10.0,<2.10.4	MEDIUM	5.3
CVE-2023-22746	62888	CKAN is an open-source DMS (data management system) for powering data…	<2.8.12 >=2.9.0,<2.9.7	HIGH	7.5
CVE-2023-32321	64193	CKAN is an open-source data management system for powering data hubs …	==2.10.0 >=2.9.0,<2.9.9	CRITICAL	9.8
CVE-2023-50248	65383	CKAN is an open-source data management system for powering data hubs …	>=2.0,<2.9.10 >=2.10.0,<2.10.3	MEDIUM	6.5
CVE-2021-25967	54196	In CKAN, versions 2.9.0 to 2.9.3 are affected by a stored XSS vulnera…	>=2.9.0,<2.9.4	MEDIUM	5.4
CVE-2024-41675	72976	CKAN's datatables_view plugin affected versions are vulnerable to a C…	>=2.7.0,<2.10.5	MEDIUM	6.1
CVE-2025-24372	76345	CKAN has an XSS vector in `user` uploaded images in group/org and use…	<2.10.7	-	-
CVE-2024-43371	72975	Several CKAN plugins, including XLoader, DataPusher, Resource Proxy, …	<2.10.5	MEDIUM	6.5
CVE-2024-41674	72977	CKAN affected versions may expose sensitive information, including in…	<2.10.5	MEDIUM	5.3
PVE-2021-34558	34558	Ckan 1.8.1 fixes a possible XSS vulnerability on html input. https:/…	<1.8.1	HIDDEN	X.Y
PVE-2021-34556	34556	ckan 1.5.1 fixes a security issue affecting CKAN v1.5 and before.	<1.5.1	-	-
CVE-2022-43685	54589	CKAN through 2.9.6 account takeovers by unauthenticated users when an…	>=0,<2.9.7	HIGH	8.8