Browse all 3 CVE security advisories affecting Caton. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Caton is a web application framework primarily used for building dynamic content management systems. Historically, it has been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with three CVEs documented. The framework's modular architecture introduces potential risks through third-party plugin integrations. While no major public security incidents have been reported, the consistent pattern of vulnerabilities in input validation and access control mechanisms suggests ongoing security challenges. Developers implementing Caton should prioritize regular updates and strict input sanitization to mitigate risks associated with its historical vulnerability profile.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-2682 | Caton Live Mini_HTTPD ping.cgi command injection — LiveCWE-77 | 6.3 | Medium | 2023-05-12 |
| CVE-2023-2520 | Caton Prime Ping command injection — PrimeCWE-77 | 8.8 | High | 2023-05-04 |
| CVE-2023-2519 | Caton CTP Relay Server API login sql injection — CTP Relay ServerCWE-89 | 7.3 | High | 2023-05-04 |
This page lists every published CVE security advisory associated with Caton. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.