Information on source package civicrm

Available versions

ReleaseVersion
bullseye5.33.2+dfsg1-1
sid5.68.1+dfsg1-1

Open issues

BugbullseyesidDescription
CVE-2025-3573vulnerable (no DSA, postponed)vulnerableVersions of the package jquery-validation before 1.20.0 are vulnerable ...
CVE-2023-28115vulnerable (no DSA)fixedSnappy is a PHP library allowing thumbnail, snapshot or PDF generation ...
CVE-2023-25440vulnerable (no DSA)fixedStored Cross Site Scripting (XSS) vulnerability in the add contact fun ...
CVE-2021-21252vulnerable (no DSA)fixedThe jQuery Validation Plugin provides drop-in validation for your exis ...

Resolved issues

BugDescription
TEMP-0887330-0F8779Multiple vulnerabilities in CiviCRM
CVE-2020-36389In CiviCRM before 5.28.1 and CiviCRM ESR before 5.27.5 ESR, the CKEdit ...
CVE-2020-36388In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, user ...
CVE-2018-1999022PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) ...
CVE-2013-5957Multiple SQL injection vulnerabilities in CRM/Core/Page/AJAX/Location. ...
CVE-2013-4662The Quick Search API in CiviCRM 4.2.0 through 4.2.9 and 4.3.0 through ...
CVE-2013-4661CiviCRM 2.0.0 through 4.2.9 and 4.3.0 through 4.3.3 does not properly ...
CVE-2011-5239CiviCRM 4.0.5 and 4.1.1 does not verify that the server hostname match ...
Search for package or bug name: Reporting problems