📦 CKAN

by Okfn

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2023-32321

CRITICAL CVSS 9.8 May 26, 2023

CVE-2023-32321 is a critical vulnerability in CKAN data management systems that allows authenticated users to write arbitrary files and achieve remote code execution through insecure pickle loading. I...

CVE-2023-32696

HIGH CVSS 8.8 May 30, 2023

This vulnerability in CKAN's Docker container allows the 'ckan' user (equivalent to www-data) to execute arbitrary code with elevated privileges via sudo. It affects CKAN deployments using vulnerable ...

CVE-2023-22746

HIGH CVSS 8.6 Feb 3, 2023

This vulnerability allows attackers to forge authentication requests against CKAN instances using default Docker images. It affects users who deployed CKAN via specific Docker images without overridin...

CVE-2024-41675

MEDIUM CVSS 6.8 Aug 21, 2024

This vulnerability allows cross-site scripting (XSS) attacks in CKAN's Datatables view plugin due to improper escaping of data from the DataStore. Attackers can inject malicious scripts that execute i...