Homepage

spip vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the spip package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • C
CVE-2024-8517

<4.3.2+dfsg-1
  • L
CVE-2024-7954

<4.3.0+dfsg-1
  • M
Cross-site Scripting (XSS)

<4.1.15+dfsg-1
  • M
Cross-site Scripting (XSS)

<4.1.13+dfsg-1
  • C
CVE-2023-27372

<4.1.8+dfsg-1
  • C
SQL Injection

<4.1.7+dfsg-1
  • H
CVE-2022-37155

<4.1.5+dfsg-1
  • M
Cross-site Scripting (XSS)

<3.2.8-1
  • H
SQL Injection

<3.2.8-1
  • H
Improper Encoding or Escaping of Output

<3.2.8-1
  • M
Information Exposure

<4.0.5-1
  • H
CVE-2022-26846

<4.0.5-1
  • M
Cross-site Scripting (XSS)

<3.2.12-1
  • H
Unrestricted Upload of File with Dangerous Type

<3.2.12-1
  • M
Cross-site Scripting (XSS)

<3.2.12-1
  • H
Cross-site Request Forgery (CSRF)

<3.2.12-1
  • C
CVE-2020-28984

<3.2.8-1
  • M
Improper Input Validation

<3.2.7-1
  • M
Information Exposure

<3.2.5-1
  • M
Cross-site Scripting (XSS)

<3.2.5-1
  • M
CVE-2019-16391

<3.2.5-1
  • M
Open Redirect

<3.2.5-1
  • H
Improper Input Validation

<3.2.4-1
  • M
Cross-site Scripting (XSS)

<3.1.4-4
  • C
OS Command Injection

<3.1.4-3
  • H
Directory Traversal

<3.1.3-1
  • H
Server-Side Request Forgery (SSRF)

<3.1.3-1
  • H
Cross-site Request Forgery (CSRF)

<3.1.3-1
  • H
Improper Input Validation

<3.1.3-1
  • M
Cross-site Scripting (XSS)

<3.1.3-1
  • M
Cross-site Scripting (XSS)

<3.1.4-2
  • M
Cross-site Scripting (XSS)

<3.1.4-2
  • M
Cross-site Scripting (XSS)

<3.1.4-2
  • C
Arbitrary Code Injection

<3.0.22-1
  • C
Arbitrary Code Injection

<3.0.22-1
  • M
Cross-site Scripting (XSS)

<3.0.13-1
  • M
Cross-site Request Forgery (CSRF)

<2.1.24-1
  • H
Arbitrary Code Injection

<2.1.24-1
  • M
Cross-site Scripting (XSS)

<2.1.24-1
  • H
CVE-2013-2118

<2.1.22-1
  • C
CVE-2012-4331

<2.1.13-1
  • L
Cross-site Scripting (XSS)

<2.1.13-1
  • M
Access Restriction Bypass

<2.0.9-1
  • H
SQL Injection

<2.0.6-1
  • C
CVE-2008-5812

<2.0.6-1
  • H
Arbitrary Code Injection

<2.0.6-1
  • H
CVE-2006-1702

<2.0.6-1
  • M
CVE-2006-1295

<2.0.6-1
  • M
CVE-2006-0626

<2.0.6-1
  • M
CVE-2006-0625

<2.0.6-1
  • M
CVE-2006-0517

<2.0.6-1
  • M
CVE-2006-0518

<2.0.6-1
  • M
CVE-2006-0519

<2.0.6-1
  • M
CVE-2005-4494

<2.0.6-1