CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32696 – Excessive permissions for ckan user
https://notcve.org/view.php?id=CVE-2023-32696
CKAN is an open-source data management system for powering data hubs and data portals. Prior to versions 2.9.9 and 2.10.1, the `ckan` user (equivalent to www-data) owned code and configuration files in the docker container and the `ckan` user had the permissions to use sudo. These issues allowed for code execution or privilege escalation if an arbitrary file write bug was available. Versions 2.9.9, 2.9.9-dev, 2.10.1, and 2.10.1-dev contain a patch. • https://github.com/ckan/ckan-docker-base/commit/5483c46ce9b518a4e1b626ef7032cce2c1d75c7d https://github.com/ckan/ckan-docker-base/security/advisories/GHSA-c74x-xfvr-x5wg • CWE-269: Improper Privilege Management •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32321 – CKAN remote code execution and private information access via crafted resource ids
https://notcve.org/view.php?id=CVE-2023-32321
CKAN is an open-source data management system for powering data hubs and data portals. Multiple vulnerabilities have been discovered in Ckan which may lead to remote code execution. An arbitrary file write in `resource_create` and `package_update` actions, using the `ResourceUploader` object. Also reachable via `package_create`, `package_revise`, and `package_patch` via calls to `package_update`. Remote code execution via unsafe pickle loading, via Beaker's session store when configured to use the file session store backend. • https://github.com/ckan/ckan/blob/2a6080e61d5601fa0e2a0317afd6a8e9b7abf6dd/CHANGELOG.rst https://github.com/ckan/ckan/security/advisories/GHSA-446m-hmmm-hm8m • CWE-20: Improper Input Validation •