pkg:gem/decidim-admin
Type
gem
Name
decidim-admin
Known advisories, vulnerabilities and fixes for decidim-admin package.
- Repository
- https://rubygems.org/gems/decidim-admin
Medium
3
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | < 0.27.5 = 0.0.1.alpha3 |
CVE-2023-48220
|
 RUBYSEC:DECIDIM-ADMIN-2023-48220
|
Possibility to circumvent the invitation token expiry period | medium |
2024-02-20T00:00:00
(7 months ago) |
|
| Fixed | = 0.26.9 >= 0.27.5 |
CVE-2023-48220
|
RUBYSEC:DECIDIM-ADMIN-2023-48220
|
Possibility to circumvent the invitation token expiry period | medium |
2024-02-20T00:00:00
(7 months ago) |
|
| Unaffected | < 0.0.1.alpha3 |
CVE-2023-48220
|
RUBYSEC:DECIDIM-ADMIN-2023-48220
|
Possibility to circumvent the invitation token expiry period | medium |
2024-02-20T00:00:00
(7 months ago) |
|
| Affected | < 0.28.1 |
CVE-2024-27095
|
RUBYSEC:DECIDIM-ADMIN-2024-27095
|
Decidim cross-site scripting (XSS) in the admin panel | medium |
2024-07-10T00:00:00
(2 months ago) |
|
| Fixed | = 0.27.6 >= 0.28.1 |
CVE-2024-27095
|
RUBYSEC:DECIDIM-ADMIN-2024-27095
|
Decidim cross-site scripting (XSS) in the admin panel | medium |
2024-07-10T00:00:00
(2 months ago) |
|
| Affected | < 0.28.2 |
CVE-2024-32034
|
RUBYSEC:DECIDIM-ADMIN-2024-32034
|
Decidim::Admin vulnerable to cross-site scripting (XSS) in the admin activity log | medium |
2024-09-16T00:00:00
(3 days ago) |
|
| Fixed | = 0.27.7 >= 0.28.2 |
CVE-2024-32034
|
RUBYSEC:DECIDIM-ADMIN-2024-32034
|
Decidim::Admin vulnerable to cross-site scripting (XSS) in the admin activity log | medium |
2024-09-16T00:00:00
(3 days ago) |