Search CVE reports
1 – 4 of 4 results
CVE-2021-3427
Medium priorityThe Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can...
1 affected package
deluge
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
deluge | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2017-9031
Medium priorityThe WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file.
1 affected package
deluge
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
deluge | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2017-7178
Medium priorityCSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an arbitrary program from its __init__.py file and (2) causing the victim to download,...
1 affected package
deluge
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
deluge | Not affected | Not affected | Not affected | Not affected | Vulnerable |
CVE-2008-0646
Low priorityThe bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent before 0.12.1, as used in Deluge before 0.5.8.3 and other products, allows context-dependent attackers to cause a denial of service...
3 affected packages
deluge, deluge-torrent, libtorrent
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
deluge | — | — | — | — | — |
deluge-torrent | — | — | — | — | — |
libtorrent | — | — | — | — | — |