-
Notifications
You must be signed in to change notification settings - Fork 2k
Security: ckan/ckan
Security Navigation
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
XSS vector in user uploaded images in group/org and user profilesGHSA-7pq5-qcp6-mcww published
Feb 5, 2025 by amercaderHigh -
Potential access to sensitive URLs via CKAN extensions (SSRF)GHSA-g9ph-j5vj-f8wm published
Aug 21, 2024 by amercaderModerate -
Solr credentials leak via error message in package_search actionGHSA-2rqw-cfhc-35fh published
Aug 21, 2024 by amercaderModerate -
XSS vector in the Datatables view pluginGHSA-r3jc-vhf4-6v32 published
Aug 21, 2024 by amercaderModerate -
Potential log injection in reset user endpointGHSA-8g38-3m6v-232j published
Mar 13, 2024 by amercaderModerate -
Remote code execution and private information access via crafted resource idsGHSA-446m-hmmm-hm8m published
May 24, 2023 by amercaderCritical -
Session secret shared across instances using Docker imagesGHSA-pr8j-v4c8-h62x published
Jan 31, 2023 by amercaderHigh -
Out of memory error when submitting the dataset form with a specially-crafted fieldGHSA-7fgc-89cx-w8j5 published
Dec 13, 2023 by amercaderModerate