| Bug | stretch | buster | bullseye | sid | Description |
|---|
| CVE-2021-33829 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | A cross-site scripting (XSS) vulnerability in the HTML Data Processor ... |
| CVE-2021-26272 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | It was possible to execute a ReDoS-type attack inside CKEditor 4 befor ... |
| CVE-2021-26271 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | It was possible to execute a ReDoS-type attack inside CKEditor 4 befor ... |
| CVE-2021-21391 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | CKEditor 5 provides a WYSIWYG editing solution. This CVE affects the f ... |
| CVE-2018-17960 | vulnerable (no DSA) | fixed | fixed | fixed | CKEditor 4.x before 4.11.0 allows user-assisted XSS involving a source ... |