Browse all 12 CVE security advisories affecting ckan. AI-powered Chinese analysis, POCs, and references for each vulnerability.
CKAN is an open-source data management system used primarily for government and organizational data portals. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and access controls. The platform's complex plugin architecture and default configurations have contributed to security risks. While no major public incidents have been widely documented, the 12 recorded CVEs highlight ongoing concerns, particularly around authentication and authorization flaws. Organizations implementing CKAN should prioritize hardening configurations, regular patching, and plugin vetting to mitigate risks associated with its extensive feature set and customizable nature.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-32696 | Excessive permissions for ckan user — ckan-docker-baseCWE-269 | 8.8 | High | 2023-05-30 |
This page lists every published CVE security advisory associated with ckan. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.