Packages

pleroma

0.9.0-develop.2dcded20

Pleroma is a federated social network server.

Security advisory: This version has known vulnerabilities. View advisories

HexPreview

Current section

1 Advisory

Jump to

Readme 1 Version 15 Dependencies 0 Dependants 1 Advisory Activity

GHSA-2c28-m2m7-mf55 CVE-2023-5588

Pleroma Path Traversal vulnerability

October 16, 2023

CVSS

2.6 / 10.0 Low

CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected Versions

< 2.5.3

References

https://github.com/kphrx/pleroma
https://github.com/kphrx/pleroma/commit/2c795094535537a8607cc0d3b7f076a609636f40
https://github.com/kphrx/pleroma/commits/v2.5.3
https://github.com/kphrx/pleroma/pull/197
https://nvd.nist.gov/vuln/detail/CVE-2023-5588
https://vuldb.com/?ctiid.242187
https://vuldb.com/?id.242187

Checksum

Dependency Config

mix.exs

rebar.config

Gleam

erlang.mk

Package Details

Downloads Last 30 days, all versions

this version

319

yesterday

last 7 days

all time

319

Last Updated

Jun 27, 2018

License

AGPL-3.0

Build Tools

mix

Publisher

jorty

Owners

jorty

Operator	Description	Example
name:	Match package name. Supports * wildcards and repo/package form	name:phx* or name:hexpm/phoenix
description:	Full-text search of package descriptions	description:auth
depends:	Packages depending on a given package. Supports repo:package form	depends:ecto or depends:hexpm:ecto
build_tool:	Filter by build tool	build_tool:mix
updated_after:	Packages updated after an ISO8601 datetime	updated_after:2025-01-01T00:00:00Z
extra:	Match custom metadata (key,value). Nested keys are separated by commas	extra:license,MIT

pleroma

Checksum

Dependency Config

Package Details

Links

Owners

Search filters