openslides

PyPI3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting openslidespage 1 of 1

CVE-2020-26280HIGHCVSS 8.9EG 8.9✓ Fixed in 3.3
2020-12-18
vulnerable: 1.3-rc1 ... 3.2 (27 versions)
OpenSlides is a free, Web-based presentation and assembly system for managing and projecting agenda, motions, and elections of assemblies. OpenSlides version 3.2, due to unsufficient user input validation and escaping, it is vulnerable to …
CVE-2024-22892HIGHCVSS 7.5EG 7.5
2024-09-25
vulnerable: 1.3 ... 3.3 (28 versions)
OpenSlides 4.0.15 was discovered to be using a weak hashing algorithm to store passwords.
CVE-2024-22893HIGHCVSS 7.5EG 7.5
2024-09-25
vulnerable: 1.3 ... 3.3 (28 versions)
OpenSlides 4.0.15 verifies passwords by comparing password hashes using a function with content-dependent runtime. This can allow attackers to obtain information about the password hash using a timing attack.

Check whether openslides is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for openslides CVEs against the assets you own.

Start Free Scan →