| Release | Version |
|---|---|
| bullseye | 1.6.9+ds-2+deb11u3 |
| bookworm | 1.6.33+ds-2.1 |
| sid | 1.6.33+ds-2.2 |
| Bug | bullseye | bookworm | sid | Description |
|---|---|---|---|---|
| CVE-2024-23831 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | LedgerSMB is a free web-based double-entry accounting system. When a L ... |
| Bug | Description |
|---|---|
| CVE-2021-3882 | LedgerSMB does not set the 'Secure' attribute on the session authoriza ... |
| CVE-2021-3731 | LedgerSMB does not sufficiently guard against being wrapped by other s ... |
| CVE-2021-3694 | LedgerSMB does not sufficiently HTML-encode error messages sent to the ... |
| CVE-2021-3693 | LedgerSMB does not check the origin of HTML fragments merged into the ... |
| DSA / DLA | Description |
|---|---|
| DSA-4962-2 | ledgersmb - regression update |
| DSA-4962-1 | ledgersmb - security update |