Detections
Analytics

CVE-2009-4405

high

Description

Multiple unspecified vulnerabilities in Trac before 0.11.6 have unknown impact and attack vectors, possibly related to (1) "policy checks in report results when using alternate formats" or (2) a "check for the 'raw' role that is missing in docutils < 0.6."

References

https://www.redhat.com/archives/fedora-package-announce/2009-December/msg01169.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/54983

https://bugzilla.redhat.com/show_bug.cgi?id=542394

http://www.vupen.com/english/advisories/2009/3615

http://trac.edgewall.org/browser/tags/trac-0.11.6/RELEASE

http://secunia.com/advisories/37901

http://secunia.com/advisories/37807

Details

Source: Mitre, NVD

Published: 2009-12-23

Updated: 2026-04-23

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity: High

CVSS v4

Base Score: 8.7

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

Severity: High

EPSS

EPSS: 0.00572