VulnerableCode Package Details - pkg:deb/debian/redmine@5.0.4-1?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-5j9e-c844-zuh1	Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. Depending on the configuration, this may require login as a registered user.	CVE-2022-44030
VCID-8trg-1f24-mff1	Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields.	CVE-2022-44031
VCID-kmja-ehjr-e3cx	Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. Depending on the configuration, this may require login as a registered user.	CVE-2022-44637

Vulnerability

Summary

Aliases

VCID-5j9e-c844-zuh1

Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. Depending on the configuration, this may require login as a registered user.

CVE-2022-44030

VCID-8trg-1f24-mff1

Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields.

CVE-2022-44031

VCID-kmja-ehjr-e3cx

Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. Depending on the configuration, this may require login as a registered user.

CVE-2022-44637

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:35:04.978501+00:00	Debian Importer	Fixing	VCID-kmja-ehjr-e3cx	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:00:59.647333+00:00	Debian Importer	Fixing	VCID-5j9e-c844-zuh1	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:02:14.852045+00:00	Debian Importer	Fixing	VCID-8trg-1f24-mff1	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T07:53:51.873005+00:00	Debian Importer	Fixing	VCID-kmja-ehjr-e3cx	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:28:39.385009+00:00	Debian Importer	Fixing	VCID-5j9e-c844-zuh1	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:43:58.082302+00:00	Debian Importer	Fixing	VCID-8trg-1f24-mff1	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:51:58.522128+00:00	Debian Importer	Fixing	VCID-kmja-ehjr-e3cx	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:51:58.483461+00:00	Debian Importer	Fixing	VCID-8trg-1f24-mff1	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:51:58.442881+00:00	Debian Importer	Fixing	VCID-5j9e-c844-zuh1	https://security-tracker.debian.org/tracker/data/json	38.1.0