Bugzilla Vulnerabilities

Affected Versions (177): 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 2.10, 2.11, 2.12, 2.13, 2.14, 2.14.1, 2.14.2, 2.14.3, 2.14.4, 2.14.5, 2.15, 2.16, 2.16.1, 2.16.2, 2.16.3, 2.16.4, 2.16.5, 2.16.6, 2.16.7, 2.16.8, 2.16.9, 2.16.11, 2.17, 2.17.1, 2.17.2, 2.17.3, 2.17.4, 2.17.5, 2.17.6, 2.17.7, 2.18, 2.18.1, 2.18.2, 2.18.3, 2.18.4, 2.18.5, 2.19, 2.19.1, 2.19.2, 2.19.3, 2.20, 2.20.1, 2.20.2, 2.20.3, 2.20.4, 2.21, 2.21.1, 2.21.2, 2.22, 2.22.1, 2.22.2, 2.22.3, 2.22.4, 2.23, 2.23.1, 2.23.2, 2.23.3, 2.23.4, 3, 3.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.0.6, 3.0.7, 3.0.8, 3.1, 3.1.1, 3.1.2, 3.1.3, 3.1.4, 3.2, 3.2.1, 3.2.2, 3.2.3, 3.2.4, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.3.4, 3.4, 3.4.1, 3.4.2, 3.4.3, 3.4.4, 3.5, 3.5.1, 3.5.2, 3.5.3, 3.6, 3.6.1, 3.6.2, 3.6.3, 3.6.4, 3.6.5, 3.6.6, 3.6.7, 3.6.8, 3.6.9, 3.6.11, 3.6.12, 3.7, 3.7.1, 3.7.2, 3.7.3, 4, 4.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.0.9, 4.0.11, 4.0.12, 4.0.13, 4.1, 4.1.1, 4.1.2, 4.1.3, 4.2, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7, 4.2.8, 4.2.9, 4.2.11, 4.2.12, 4.2.13, 4.2.14, 4.3, 4.3.1, 4.3.2, 4.3.3, 4.4, 4.4.1, 4.4.2, 4.4.3, 4.4.4, 4.4.5, 4.4.6, 4.4.7, 4.4.8, 4.4.9, 4.4.11, 4.4.12, 4.4rc1, 4.5, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 5, 5.0, 5.0.1, 5.0.2, 5.0.3

Software Type: Bug Tracking Software

PublishedBaseTempVulnerability0dayTodayExpRemCTICVE
04/04/20196.06.0Bugzilla Plugin Global Configuration Credentials credentials management$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-1003066
02/16/20186.56.2Bugzilla report.cgi cross-site request forgery$0-$5k$0-$5kNot DefinedOfficial Fix0.06CVE-2018-5123
04/12/20175.24.9Bugzilla Dependency Graph cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.05CVE-2016-2803
01/03/20164.14.0Bugzilla CSV File Template.pm information disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2015-8509
01/03/20164.74.5Bugzilla Bug Summary showdependencygraph.cgi cross site scripting$0-$5k$0-$5kNot DefinedOfficial Fix0.03CVE-2015-8508
09/10/20157.36.4Mozilla Bugzilla Email Address Util.pm input validation$25k-$100k$0-$5kUnprovenOfficial Fix0.03CVE-2015-4499
02/01/20156.36.0Mozilla Bugzilla command injection$25k-$100k$0-$5kNot DefinedOfficial Fix0.04CVE-2014-8630
10/06/20144.34.1Mozilla Bugzilla cross site scripting$5k-$25k$0-$5kHighOfficial Fix0.00CVE-2014-1573
10/06/20145.34.6Mozilla Bugzilla Account Creation access control$25k-$100k$0-$5kUnprovenOfficial Fix0.00CVE-2014-1572
10/06/20145.34.6Mozilla Bugzilla Comment information disclosure$25k-$100k$0-$5kUnprovenOfficial Fix0.02CVE-2014-1571
07/24/20144.34.1Mozilla Bugzilla JSONP Endpoint cross-site request forgery$5k-$25k$0-$5kHighOfficial Fix0.02CVE-2014-1546
04/18/20145.34.8Mozilla Bugzilla Data Display improper authentication$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.04CVE-2014-1517
10/17/20134.33.9Mozilla Bugzilla cross site scripting$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.04CVE-2013-1743
10/17/20136.35.7Mozilla Bugzilla editflagtypes.cgi cross site scripting$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.06CVE-2013-1742
10/17/20135.44.9Mozilla Bugzilla CSRF Token process_bug.cgi cross-site request forgery$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.04CVE-2013-1733
10/17/20135.44.9Mozilla Bugzilla CSRF Token attachment.cgi cross-site request forgery$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.05CVE-2013-1734
02/24/20134.34.1Mozilla Bugzilla Error Message build_subselect information disclosure$5k-$25k$0-$5kNot DefinedOfficial Fix0.00CVE-2013-0786
02/16/20136.35.7Bugzilla show_bug.cgi cross site scripting$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.04CVE-2013-0785
11/16/20124.34.3Mozilla Bugzilla swfstore.swf cross site scripting$5k-$25k$0-$5kNot DefinedNot Defined0.00CVE-2012-5883
11/13/20125.34.6Bugzilla code-error.html.tmpl information disclosure$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.05CVE-2012-4197
11/13/20125.55.3Bugzilla report-table.html.tmpl cross site scripting$0-$5k$0-$5kHighOfficial Fix0.09CVE-2012-4189
11/13/20125.35.1Bugzilla Custom Field information disclosure$0-$5k$0-$5kNot DefinedOfficial Fix0.06CVE-2012-4199
11/13/20125.34.6Bugzilla User.get information disclosure$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.07CVE-2012-4198
09/04/20125.35.3Mozilla Bugzilla access control$5k-$25k$5k-$25kNot DefinedNot Defined0.00CVE-2012-4747
08/30/20126.55.9Mozilla Bugzilla Username Parser search credentials management$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.06CVE-2012-3981

134 more entries are not shown

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!