Trac@0.11 vulnerabilities

Integrated SCM, wiki, issue tracker and project environment

  • latest version

    1.6

  • latest non-vulnerable version

  • first published

    16 years ago

  • latest version published

    1 year ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the Trac package. This does not include vulnerabilities belonging to this package’s dependencies.

    Vulnerability / Vulnerable Version
    • C
    Improper Access Control

    Trac is an Integrated SCM, wiki, issue tracker and project environment

    Affected versions of this package are vulnerable to Improper Access Control due to improper policy checks and a missing 'raw' role check in docutils. An attacker can exploit these vulnerabilities through unspecified attack vectors related to policy checks in report results when using alternate formats, or through the absence of a 'raw' role check.

    How to fix Improper Access Control?

    Upgrade Trac to version 0.12 or higher.

    Vulnerable versions: [,0.12)
    • M
    Open Redirect

    Affected versions of this package are vulnerable to Open Redirect via the HTML sanitizer filter, which allows attackers to conduct phishing attacks via unknown attack vectors.

    How to fix Open Redirect?

    Upgrade Trac to version 0.11.2 or higher.

    Vulnerable versions: [,0.11.2)
    • H
    Denial of Service (DoS)

    Affected versions of this package are vulnerable to Denial of Service (DoS) via unknown attack vectors related to "certain wiki markup."

    How to fix Denial of Service (DoS)?

    Upgrade Trac to version 0.12 or higher.

    Vulnerable versions: [,0.12)