Browse all 5 CVE security advisories affecting Kozea. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Kozea develops web applications and content management systems, primarily serving as a platform for building dynamic websites and applications. Historically, vulnerabilities in Kozea products have commonly included cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often stemming from improper input validation and access control issues. The project maintains a moderate security posture with five CVEs recorded to date, though no major security incidents have been widely documented. Kozea's codebase typically requires regular security updates to address newly discovered vulnerabilities, particularly in its templating and user input handling components.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-68616 | WeasyPrint Vulnerable to Server-Side Request Forgery (SSRF) Protection Bypass via HTTP Redirect — WeasyPrintCWE-601 | 7.5 | High | 2026-01-19 |
| CVE-2024-28184 | WeasyPrint allows the attachment of arbitrary files and URLs to a PDF — WeasyPrintCWE-829 | 7.4 | High | 2024-03-09 |
This page lists every published CVE security advisory associated with Kozea. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.