Debian/ikiwiki — 30 CVEs

Loading…

All known vulnerabilities

CRITICAL9.8CVE-2017-0356A flaw, similar to to CVE-2016-9646, exists in ikiwiki before 3.20170111, in the passwordauth plugin's use of CGI::FormBuilder, allowing an…

from 0, < 3.20170111

HIGH8.2CVE-2011-1408ikiwiki before 3.20110608 allows remote attackers to hijack root's tty and run symlink attacks.

from 0, < 3.20110608

HIGH7.5CVE-2019-9187ikiwiki - security update

from 0, < 3.20141016.4+deb8u1

HIGH7.5ikiwiki - security update

from 0, < 3.20170111.1

HIGH7.5ikiwiki - security update

from 0, < 3.20190228-1

HIGH7.5ikiwiki - security update

from 0, < 3.20141016.4

HIGH7.5ikiwiki - security update

from 0, < 3.20120629.2+deb7u2

HIGH7.5ikiwiki - security update

from 0, < 3.20161219

MEDIUM6.5The fix for ikiwiki for CVE-2016-10026 was incomplete resulting in editing restriction bypass for git revert when using git versions older…

from 0, < 3.20161229

MEDIUM6.1Cross-site scripting (XSS) vulnerability in templates/openid-selector.tmpl in ikiwiki before 3.20150329 allows remote attackers to inject a…

from 0, < 3.20141016.2

MEDIUM6.1A cross-site scripting (XSS) vulnerability in ikiwiki before 3.20101112 allows remote attackers to inject arbitrary web script or HTML via…

from 0, < 3.20101112

MEDIUM6.1Cross Site Scripting (XSS) in ikiwiki before 3.20110122 could allow remote attackers to insert arbitrary JavaScript due to insufficient che…

from 0, < 3.20110122

MEDIUM6.1ikiwiki - security update

from 0, < 3.20120629.2+deb7u1

MEDIUM6.1ikiwiki - security update

from 0, < 3.20141016.3

MEDIUM6.1ikiwiki - security update

from 0, < 3.20160506

MEDIUM5.3ikiwiki before 3.20161229 incorrectly called the CGI::FormBuilder->field method (similar to the CGI->param API that led to Bugzilla's CVE-2…

from 0, < 3.20161229

—ikiwiki - cross-site scripting

from 0, < 3.20120516

—ikiwiki - cross-site scripting

from 0, < 3.20100815.9

—ikiwiki - missing input validation

from 0, < 3.20110328

—ikiwiki - missing input validation

from 0, < 2.53.6

—ikiwiki - cross-site scripting

from 0, < 2.53.5

—ikiwiki - cross-site scripting

from 0, < 3.20100312

—ikiwiki - information disclosure

from 0, < 3.1415926

—ikiwiki - information disclosure

from 0, < 2.53.4

—Plugin/passwordauth.pm (aka the passwordauth plugin) in ikiwiki 1.34 through 2.47 allows remote attackers to bypass authentication, and log…

from 0, < 2.48

—ikiwiki - cross-site request forgery

from 0, < 1.33.5

—ikiwiki - cross-site request forgery

from 0, < 2.42

—Cross-site scripting (XSS) vulnerability in the htmlscrubber in Ikiwiki before 1.1.46 allows remote attackers to inject arbitrary web scrip…

from 0, < 2.31.1

—ikiwiki - cross-site scripting

from 0, < 2.31.1

—ikiwiki - cross-site scripting

from 0, < 1.33.4

pkg:Debian/ikiwiki

✅ Check your installed version

All known vulnerabilities