Search CVE reports
1 – 10 of 63 results
Some fixes available 3 of 11
Best Practical RT (Request Tracker) 4.4 through 4.4.7 and 5.0 through 5.0.7 allows XSS via injection of crafted parameters in a search URL.
2 affected packages
request-tracker4, request-tracker5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker5 | Fixed | Fixed | Not in release | — |
Some fixes available 3 of 11
Vulnerability in Best Practical Solutions, LLC's Request Tracker prior to v5.0.8, where the Triple DES (3DES) cryptographic algorithm is used to protect emails sent with S/MIME encryption. Triple DES is considered obsolete and...
2 affected packages
request-tracker4, request-tracker5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker5 | Fixed | Fixed | Not in release | — |
CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. During a recent internal audit, a Cross-Site Scripting (XSS) vulnerability was discovered in the CKEditor 5 real-time collaboration package. This...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ckeditor | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CKEditor 5 is a JavaScript rich-text editor. Starting in version 40.0.0 and prior to version 43.1.1, a Cross-Site Scripting (XSS) vulnerability is present in the CKEditor 5 clipboard package. This vulnerability could be triggered...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ckeditor | Not affected | Not affected | Not affected | Not affected |
| ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 3 of 23
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A theoretical vulnerability has been identified in CKEditor 4.22 (and above). In a highly unlikely scenario where an attacker gains control over...
4 affected packages
ckeditor3, ldap-account-manager, request-tracker4, ckeditor
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ckeditor | Fixed | Not affected | Not affected | Not affected |
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A potential vulnerability has been discovered in CKEditor 4 Code Snippet GeSHi plugin. The vulnerability allowed a reflected XSS attack by exploiting a flaw in...
5 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4, geshi
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ckeditor | Not affected | Not affected | Not affected | Not affected |
| ckeditor3 | Not affected | Not affected | Not affected | Not affected |
| ldap-account-manager | Not affected | Not affected | Not affected | Not affected |
| request-tracker4 | Not affected | Not affected | Not affected | Not affected |
| geshi | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 2 of 12
Information exposure vulnerability in RT software affecting version 4.4.1. This vulnerability allows an attacker with local access to the device to retrieve sensitive information about the application, such as...
2 affected packages
request-tracker4, request-tracker5
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker5 | Fixed | Fixed | Not in release | — |
Some fixes available 6 of 31
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability vulnerability has been discovered in versions prior to 4.24.0-lts in samples that use the `preview` feature....
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ckeditor | Fixed | Fixed | Fixed | Fixed |
| ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
Some fixes available 6 of 31
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered in the core HTML parsing module in versions of CKEditor4 prior to 4.24.0-lts. It may affect all editor...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ckeditor | Fixed | Fixed | Fixed | Fixed |
| ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
A Cross-Site scripting vulnerability has been found in CKSource CKEditor affecting versions 4.15.1 and earlier. An attacker could send malicious javascript code through the /ckeditor/samples/old/ajax.html file and retrieve an...
4 affected packages
ckeditor, ckeditor3, ldap-account-manager, request-tracker4
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| ckeditor | Not affected | Not affected | Vulnerable | Vulnerable |
| ckeditor3 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| ldap-account-manager | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| request-tracker4 | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |