AVG-1920 log

Package redmine
Status Vulnerable
Severity Medium
Type multiple issues
Affected 4.2.1-1
Fixed Unknown
Current 4.2.1-1 [community]
Ticket Create
Created Wed May 5 17:09:11 2021
Issue Severity Remote Type Description
CVE-2021-22904 Low Yes Denial of service
There is a possible denial of service (DoS) vulnerability in the Token Authentication logic in Action Controller before versions,,
CVE-2021-22885 Medium Yes Information disclosure
There is a possible information disclosure/unintended method execution vulnerability in Action Pack before versions,, and 5.2.6 when...
Action Pack version 5.2.5 is bundled with Redmine version 4.2.1.