VYPR
Moderate severityNVD Advisory· Published Mar 24, 2008· Updated Jun 16, 2026

CVE-2008-1474

CVE-2008-1474

Description

Multiple unspecified vulnerabilities in Roundup before 1.4.4 have unknown impact and attack vectors, some of which may be related to cross-site scripting (XSS).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
roundupPyPI
< 1.4.41.4.4

Affected products

96
  • cpe:2.3:a:roundup-tracker:roundup:*:*:*:*:*:*:*:*+ 94 more
    • cpe:2.3:a:roundup-tracker:roundup:*:*:*:*:*:*:*:*range: <=1.4.3
    • cpe:2.3:a:roundup-tracker:roundup:0.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.3.0:pre1:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.3.0:pre2:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.3.0:pre3:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.4.0:b1:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.4.0:b2:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.4.2:pr1:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5.0:pr1:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5.7:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5.8:stable:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.5.9:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.0:b1:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.0:b2:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.0:b3:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.0:b4:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.10:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.11:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.7:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.6.9:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.0:b1:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.0:b2:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.0:b3:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.1:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.10:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.11:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.12:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.2:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.3:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.4:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.5:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.6:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.7:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.8:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.7.9:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.8.0:b1:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.8.0:b2:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.8.4:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.8.5:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.8.6:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:0.9.0:b1:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:roundup-tracker:roundup:1.4.2:*:*:*:*:*:*:*
    • (no CPE)range: <1.4.4
  • ghsa-coords
    Range: < 1.4.4

Patches

Vulnerability mechanics

References

18

News mentions

0

No linked articles in our index yet.