Known Vulnerabilities for products from Casbin
Listed below are 7 of the newest known vulnerabilities associated with the vendor "Casbin".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-5469 json | A weakness has been identified in Casdoor 2.356.0. This vulnerability affects unknown code of the component Webhook URL Handl... | Not Provided | 2026-04-03 | 2026-04-09 |
| CVE-2026-5468 json | A security flaw has been discovered in Casdoor 2.356.0. This affects the function dangerouslySetInnerHTML. Performing a manip... | Not Provided | 2026-04-03 | 2026-04-09 |
| CVE-2026-5467 json | A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAut... | Not Provided | 2026-04-03 | 2026-04-09 |
| CVE-2023-34927 json | Casdoor v1.331.0 and below was discovered to contain a Cross-Site Request Forgery (CSRF) in the endpoint /api/set-password. T... | 6.5 - MEDIUM | 2023-06-22 | 2023-06-28 |
| CVE-2022-44942 json | Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function. | 8.1 - HIGH | 2022-12-07 | 2022-12-08 |
| CVE-2022-38638 json | Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload... | 9.1 - CRITICAL | 2022-09-09 | 2023-08-08 |
| CVE-2022-24124 json | The query API in Casdoor before 1.13.1 has a SQL injection vulnerability related to the field and value parameters, as demons... | 7.5 - HIGH | 2022-01-29 | 2022-04-05 |