Known DHIS2 Vulnerabilities (CVEs)
On this page you can find a list of known, fixed, disclosed security vulnerabilities in past DHIS2 releases
Jump to a section on this page
List of known vulnerabilities (CVEs)
The DHIS2 security team participates in responsible disclosure. When vulnerabilities are discovered in released, supported versions of DHIS2, the team makes every effort to evaluate, address, and release fixes in a timely manner. Due to the sensitive nature of many DHIS2 implementations around the world, information relating to these vulnerabilities may be embargoed for some period of time. Eventually, the DHIS2 team endeavors to disclose any known vulnerabilities in older software versions once they have been fixed and sufficient time has passed to allow production DHIS2 implementations to upgrade their software.
The following is a list of known, fixed, disclosed security vulnerabilities in past DHIS2 releases: