pkg:Bitnami/civicrm

All known vulnerabilities

• HIGH8.8CVE-2020-36388In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive.
  from 0, < 5.21.3, >= 5.22.0, < 5.24.3
• MEDIUM5.4CVE-2023-25440Stored Cross Site Scripting (XSS) vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code…
  >= 5.59-alpha1.0, <= 5.59-alpha1.0
• MEDIUM4.3CVE-2020-36389In CiviCRM before 5.28.1 and CiviCRM ESR before 5.27.5 ESR, the CKEditor configuration form allows CSRF.
  from 0, < 5.27.5, from 0, < 5.28.1