Vulnerable Extension List

Joomla! Documentation Workgroup

Moderator: Documentation

Locked
User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 14789
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Vulnerable Extension List

Post by mandville » Mon Nov 09, 2009 10:17 pm

Today we have made the updated vulnerable extension list that was under construction a live document.
This is available at Vulnerable Extensions
which has replaced the old list that has been archived.
Reports of vulnerable extensions can be reported to the JED or posted in a topic clearly showing a vulnerable extension report.

How to use this list

[*]All known extensions are the listed in the first column.
[*]"Alert Advisory" details in the centre column (the date is in American format mm/dd/yyyy).
[*]The link to the advisory notice.
[*]Finally a link to the notice about any update or Not Known where none is known.

Any developer who has cleared the vulnerability or discontinued the extension should let us know so that we can mark it on the list.

Users, after checking the version of the extension they have installed, please check with the extension publisher in case of any questions over the security of their product if no update link is provided.

This list is compiled from found information and may not be an up to date accurate list. Items will be removed after a suitable period and not on resolution of the vulnerability.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 14789
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Vulnerable Extension List

Post by mandville » Wed Jan 06, 2010 7:47 pm

aymen99 wrote:i wanted to report that com_ajaxchat but didn't know how,anyway it didn't want to work..
Reports of vulnerable extensions can be reported to the JED or posted in a topic clearly showing a vulnerable extension report.

com_ajax chat is listed on the vulnerable extension list, back in November
http://docs.joomla.org/Vulnerable_Exten ... ty_Reports.
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}

User avatar
localizador1709
Joomla! Apprentice
Joomla! Apprentice
Posts: 16
Joined: Thu Apr 09, 2009 10:03 pm
Location: São Paulo - Brasil
Contact:

Re: Vulnerable Extension List

Post by localizador1709 » Sun Mar 04, 2012 3:19 pm

How to alert users of problems they may face? It would be possible, so that the extensions entered in the list, an alert is sent to users? That would be a way to filter these problems and make developers ensure product quality. Advertising of the problem is also care for the Joomla.

User avatar
mandville
Joomla! Master
Joomla! Master
Posts: 14789
Joined: Mon Mar 20, 2006 1:56 am
Location: The Girly Side of Joomla in Sussex

Re: Vulnerable Extension List

Post by mandville » Sun Mar 04, 2012 4:55 pm

localizador1709 wrote:How to alert users of problems they may face? It would be possible, so that the extensions entered in the list, an alert is sent to users?

Notification of vel items is the same as most list, by subscription
you can follow vel by
rss - http://feeds.joomla.org/JoomlaSecurityV ... Extensions
twitter - @JoomlaVel
That would be a way to filter these problems and make developers ensure product quality.
i am not sure how you mean
Advertising of the problem is also care for the Joomla.
the vel team do advertise known issues by the list, so i think their duty of care is complete, i am not sure of the developers still in red though
HU2HY- Poor questions = Poor answer
Un requested Help PM's will be reported, added to the foe list and possibly just deleted
{VEL Team Leader}{TM Auditor }{ Showcase & Security forums Moderator}


Locked

Return to “docs.joomla.org - Feedback/Information”