Search CVE reports


Toggle filters

1 – 4 of 4 results


CVE-2021-3427

Medium priority
Needs evaluation

The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted directly as HTML. Someone who supplies the user with a malicious torrent file can...

1 affected package

deluge

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
deluge Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2017-9031

Medium priority
Vulnerable

The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file.

1 affected package

deluge

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
deluge Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2017-7178

Medium priority
Vulnerable

CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an arbitrary program from its __init__.py file and (2) causing the victim to download,...

1 affected package

deluge

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
deluge Not affected Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2008-0646

Low priority
Ignored

The bdecode_recursive function in include/libtorrent/bencode.hpp in Rasterbar Software libtorrent before 0.12.1, as used in Deluge before 0.5.8.3 and other products, allows context-dependent attackers to cause a denial of service...

3 affected packages

deluge, deluge-torrent, libtorrent

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
deluge
deluge-torrent
libtorrent
Show less packages