Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
OkfnCkan

3 matches found

CVE
CVEadded 2022/11/22 1:15 a.m.51 views

CVE-2022-43685

CKAN through 2.9.6 account takeovers by unauthenticated users when an existing user id is sent via an HTTP POST request. This allows a user to take over an existing account including superuser accounts.

8.8CVSS8.6AI score0.00214EPSS
CVE
CVEadded 2023/05/30 7:15 p.m.50 views

CVE-2023-32696

CKAN is an open-source data management system for powering data hubs and data portals. Prior to versions 2.9.9 and 2.10.1, the ckan user (equivalent to www-data) owned code and configuration files in the docker container and the ckan user had the permissions to use sudo. These issues allowed for co...

8.8CVSS9.1AI score0.0021EPSS
CVE
CVEadded 2023/02/03 10:15 p.m.41 views

CVE-2023-22746

CKAN is an open-source DMS (data management system) for powering data hubs and data portals. When creating a new container based on one of the Docker images listed below, the same secret key was being used by default. If the users didn't set a custom value via environment variables in the .env file...

8.6CVSS7.9AI score0.00075EPSS