Dino Dino

Do you want an email whenever new security vulnerabilities are reported in Dino?

By the Year

In 2021 there have been 1 vulnerability in Dino with an average score of 5.3 out of ten. Dino did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2021 as compared to last year.

Year Vulnerabilities Average Score
2021 1 5.30
2020 0 0.00
2019 3 7.50
2018 0 0.00

It may take a day or so for new Dino vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Dino Security Vulnerabilities

Dino before 0.1.2 and 0.2.x before 0.2.1

CVE-2021-33896 5.3 - Medium - June 07, 2021

Dino before 0.1.2 and 0.2.x before 0.2.1 allows Directory Traversal (only for creation of new files) via URI-encoded path separators.

Directory traversal

Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala.

CVE-2019-16235 7.5 - High - September 11, 2019

Dino before 2019-09-10 does not properly check the source of a carbons message in module/xep/0280_message_carbons.vala.

Origin Validation Error

Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala.

CVE-2019-16236 7.5 - High - September 11, 2019

Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala.

AuthZ

Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.

CVE-2019-16237 7.5 - High - September 11, 2019

Dino before 2019-09-10 does not properly check the source of an MAM message in module/xep/0313_message_archive_management.vala.

Origin Validation Error

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Fedora Project Fedora or by Dino? Click the Watch button to subscribe.

Dino
Vendor

Dino
Product

subscribe