ckan vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

| CVE-ID | Severity | Package summary |
| --- | --- | --- |
| CVE-2026-42032 | Medium | ckan: CKAN has Unauthenticated Authorization Bypass in `datastore_search_sql` |
| CVE-2026-42031 | High | ckan: CKAN has Unauthenticated SQL Injection and Authorization Bypass in `datastore_search_sql` |
| CVE-2026-41255 | Medium | ckan: CKAN has CSRF exemption primed by anonymous requests |
| CVE-2026-41132 | Medium | ckan: CKAN has no certificate validation on STMP connection |
| CVE-2025-64100 | Medium | ckan: CKAN vulnerable to fixed session IDs |
| CVE-2025-54384 | Medium | ckan: CKAN vulnerable to stored XSS in resource description |
| CVE-2025-24372 | High | ckan: CKAN has an XSS vector in user uploaded images in group/org and user profiles |
| CVE-2024-43371 | Medium | ckan: Potential access to sensitive URLs via CKAN extensions (SSRF) |
| CVE-2024-41675 | Medium | ckan: CKAN has Cross-site Scripting vector in the Datatables view plugin |
| CVE-2024-41674 | Medium | ckan: CKAN may leak Solr credentials via error message in package_search action |
| CVE-2024-27097 | Medium | ckan: Potential log injection in reset user endpoint in CKAN |
| CVE-2023-50248 | Medium | ckan: Out of memory error when submitting the dataset form with a specially-crafted field |
| CVE-2023-32321 | Critical | ckan: Ckan remote code execution and private information access via crafted resource ids |
| CVE-2022-43685 | High | ckan: CKAN contains Improper Authentication leading to account takeover |
| CVE-2021-25967 | Medium | ckan: Cross-site Scripting in CKAN |
