deluge-torrent Deluge 1.3.14

CPE Details

deluge-torrent Deluge 1.3.14
deluge-torrent
deluge
1.3.14
2017-05-30
13h19 +00:00
2017-05-30
13h19 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:deluge-torrent:deluge:1.3.14:*:*:*:*:*:*:*

Informations

Vendor

deluge-torrent

Product

deluge

Version

1.3.14

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2021-3427 2022-08-25 22h00 +00:00 The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can execute arbitrary Javascript code in the context of the user's browser session.
6.1
Medium
CVE-2017-9031 2017-05-17 17h00 +00:00 The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file.
9.8
Critical
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.