Vulnerabilities (CVE)

Filtered by vendor Deluge-torrent Subscribe

Filtered by product Deluge

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-7178	2 Debian, Deluge-torrent	2 Debian Linux, Deluge	2020-07-08	6.8 MEDIUM	8.8 HIGH
CSRF was discovered in the web UI in Deluge before 1.3.14. The exploitation methodology involves (1) hosting a crafted plugin that executes an arbitrary program from its __init__.py file and (2) causing the victim to download, install, and enable this plugin.
CVE-2017-9031	1 Deluge-torrent	1 Deluge	2017-11-04	7.5 HIGH	9.8 CRITICAL
The WebUI component in Deluge before 1.3.15 contains a directory traversal vulnerability involving a request in which the name of the render file is not associated with any template file.