Lucene search
MitreCVELIST:CVE-2018-18836HistoryJun 18, 2019 - 3:13 p.m.
CVE-2018-18836
2019-06-1815:13:26
mitre
www.cve.org
An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of web_client_api_request_v1_data in web/api/web_api_v1.c.
References
github.com/netdata/netdata/blob/798c141c49ee85bddc8f48f25d2cb593ec96da07/web/api/web_api_v1.c#L388
github.com/netdata/netdata/blob/798c141c49ee85bddc8f48f25d2cb593ec96da07/web/api/web_api_v1.c#L403
github.com/netdata/netdata/commit/92327c9ec211bd1616315abcb255861b130b97ca
github.com/netdata/netdata/pull/4521
www.red4sec.com/cve/netdata_json_injection.txt
Related
debiancve
debiancve
CVE-2018-18836
2019-06-18 16:15:10
osv
osv
CVE-2018-18836
2019-06-18 16:15:10
prion
prion
Code injection
2019-06-18 16:15:00
ubuntucve
ubuntucve
CVE-2018-18836
2019-06-18 00:00:00
cve
cve
CVE-2018-18836
2019-06-18 16:15:10
nvd
nvd
CVE-2018-18836
2019-06-18 16:15:10
openvas
openvas
NetData < 1.11.0 Multiple Vulnerabilities
2019-06-28 00:00:00
openSUSE: Security Advisory for netdata (openSUSE-SU-2021:0647-1)
2021-05-02 00:00:00
suse
suse
Security update for netdata (moderate)
2021-05-15 00:00:00
Security update for netdata (moderate)
2021-05-01 00:00:00
Security update for netdata (moderate)
2021-12-20 00:00:00
nessus
nessus
openSUSE 15 Security Update : netdata (openSUSE-SU-2021:1603-1)
2021-12-21 00:00:00
openSUSE Security Update : netdata (openSUSE-2021-647)
2021-05-18 00:00:00