Known vulnerabilities in Directus Directus

Vendor: Directus
Website: https://directus.io/
Total Security Bulletins: 31

Security bulletins (31)

Secuity bulletin Severity Status Published
SB20260423140: Server-Side Request Forgery (SSRF) in Directus Low
Patched
23.04.2026
SB20260423139: Multiple vulnerabilities in Directus Medium
Patched
23.04.2026
SB20260423138: Multiple vulnerabilities in Directus High
Patched
23.04.2026
SB20260423137: Observable discrepancy in Directus Medium
Patched
23.04.2026
SB20260423136: Multiple vulnerabilities in Directus Low
Patched
23.04.2026
SB20260423135: External Control of File Name or Path in Directus High
Patched
23.04.2026
SB2026010729: Open redirect in Directus Medium
Patched
07.01.2026
SB2025071821: Multiple vulnerabilities in Directus High
Patched
18.07.2025
SB2025032673: Multiple vulnerabilities in Directus High
Patched
26.03.2025
SB202502197196: Incorrect authorization in Directus Low
Patched
19.02.2025
SB2025012352: Improper privilege management in Directus Low
Patched
23.01.2025
SB2024120962: Information disclosure in Directus Medium
Patched
09.12.2024
SB2024120582: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in Directus Low
Patched
05.12.2024
SB2024100897: Multiple vulnerabilities in Directus Medium
Patched
08.10.2024
SB2024082858: Cross-site scripting in Directus Low
Patched Public exploit
28.08.2024
SB20240708107: Information disclosure in Directus Medium
Patched
08.07.2024
SB20240708106: Resource exhaustion in Directus Low
Patched
08.07.2024
SB20240708104: Multiple vulnerabilities in Directus Low
Patched
08.07.2024
SB20240708105: Server-Side Request Forgery (SSRF) in Directus Low
Patched
08.07.2024
SB2024060403: Denial of service in Directus Medium
Patched
04.06.2024


Showing elements 1 - 20 out of 31