Search for packages
Package details: pkg:npm/ckeditor@4.16.0
purl pkg:npm/ckeditor@4.16.0
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-4mr7-bt53-hqhv Inclusion of Functionality from Untrusted Control Sphere in CKEditor 4 It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin). CVE-2021-26272
GHSA-wpvm-wqr4-p7cw
VCID-gqad-5dqp-37g2 CKEditor 4 ReDoS Vulnerability It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin). CVE-2021-26271
GHSA-jv4c-7jqq-m34x

Date Actor Action Vulnerability Source VulnerableCode Version
2025-07-03T13:55:58.558448+00:00 GitLab Importer Fixing VCID-gqad-5dqp-37g2 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ckeditor/CVE-2021-26271.yml 36.1.3
2025-07-03T13:55:58.222021+00:00 GitLab Importer Fixing VCID-4mr7-bt53-hqhv https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/ckeditor/CVE-2021-26272.yml 36.1.3