143 matches found

NVD
added 2022/12/19 10:15 p.m. · 16 views

CVE-2022-23536

Cortex provides multi-tenant, long term storage for Prometheus. A local file inclusion vulnerability exists in Cortex versions 1.13.0, 1.13.1 and 1.14.0, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted t...

CVSS 6.5 · EPSS 0.00578
Exploits 0 · References 4
Prion
added 2022/12/19 10:15 p.m. · 19 views

Design/Logic Flaw

Cortex provides multi-tenant, long term storage for Prometheus. A local file inclusion vulnerability exists in Cortex versions 1.13.0, 1.13.1 and 1.14.0, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted t...

CVSS 4 · AI score 6.2 · EPSS 0.00578
Exploits 0 · References 4 · Affected Software 1
CVE
added 2022/12/19 9:10 p.m. · 108 views

CVE-2022-23536

The CVE-2022-23536 issue affects Cortex (multi-tenant storage for Prometheus) where a local file inclusion vulnerability exists in Cortex versions 1.13.0, 1.13.1, and 1.14.0. A malicious actor could remotely read local files by submitting maliciously crafted Alertmanager configurations via the...

CVSS 6.5 · AI score 6.2 · EPSS 0.00578
Exploits 0 · References 4 · Affected Software 1
Vulnrichment
added 2022/12/19 9:10 p.m. · 6 views

CVE-2022-23536 Alertmanager can expose local files content via specially crafted config

Cortex provides multi-tenant, long term storage for Prometheus. A local file inclusion vulnerability exists in Cortex versions 1.13.0, 1.13.1 and 1.14.0, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted t...

CVSS 6.5 · AI score 6.3 · EPSS 0.00578
Exploits 0 · References 4
OSV
added 2022/12/19 9:10 p.m. · 25 views

CVE-2022-23536 Alertmanager can expose local files content via specially crafted config

Cortex provides multi-tenant, long term storage for Prometheus. A local file inclusion vulnerability exists in Cortex versions 1.13.0, 1.13.1 and 1.14.0, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted t...

CVSS 6.5 · AI score 6.2 · EPSS 0.00578
Exploits 0 · References 6
Cvelist
added 2022/12/19 9:10 p.m. · 24 views

CVE-2022-23536 Alertmanager can expose local files content via specially crafted config

Cortex provides multi-tenant, long term storage for Prometheus. A local file inclusion vulnerability exists in Cortex versions 1.13.0, 1.13.1 and 1.14.0, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted t...

CVSS 6.5 · AI score 6.5 · EPSS 0.00578
Exploits 0 · References 4
Github Security Blog
added 2022/12/19 9:9 p.m. · 75 views

Cortex's Alertmanager can expose local files content via specially crafted config

Impact A local file inclusion vulnerability exists in Cortex versions v1.13.0, v1.13.1 and v1.14.0, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted to the Alertmanager Set Configuration API. Only users o...

CVSS 6.5 · AI score 6 · EPSS 0.00578
Exploits 0 · References 8 · Affected Software 1
OSV
added 2022/12/19 9:9 p.m. · 26 views

GHSA-CQ2G-PW6Q-HF7J Cortex's Alertmanager can expose local files content via specially crafted config

Impact A local file inclusion vulnerability exists in Cortex versions v1.13.0, v1.13.1 and v1.14.0, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager configurations when submitted to the Alertmanager Set Configuration API. Only users o...

CVSS 6.5 · AI score 6.2 · EPSS 0.00578
Exploits 0 · References 8
CNNVD
added 2022/12/19 12:0 a.m. · 3 views

cortex security vulnerability

cortex is a software application. It provides horizontally scalable, high-availability, multi-tenant long-term storage. A security vulnerability exists in cortex versions 1.13.0, 1.13.1, and 1.14.0. An attacker exploits the vulnerability to remotely read local files by parsing a maliciously...

CVSS 6.5 · AI score 6.5 · EPSS 0.00578
Exploits 0 · References 5
Positive Technologies
added 2022/12/19 12:0 a.m. · 2 views

PT-2022-16058 · Cortex · Cortex

Name of the Vulnerable Software and Affected Versions: Cortex versions 1.13.0 through 1.13.1 Cortex version 1.14.0 Description: A local file inclusion issue exists in Cortex, where a malicious actor could remotely read local files as a result of parsing maliciously crafted Alertmanager...

CVSS 6.5 · AI score 6.1 · EPSS 0.00578
Exploits 0 · References 12
OpenVAS
added 2022/10/27 12:0 a.m. · 24 views

SUSE: Security Advisory (SUSE-SU-2022:3747-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.7 · AI score 8.9 · EPSS 0.48063
Exploits 0 · References 8
OSSF Malicious Packages
added 2022/07/18 1:58 p.m. · 2 views

Malicious code in alertmanager-discord (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c92529dfaccd07820ddd93ed2fec70a6d47f530856ae6a0b87780945480fb99 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits 0 · References 1
OSV
added 2022/07/18 1:58 p.m. · 4 views

MAL-2022-928 Malicious code in alertmanager-discord (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c92529dfaccd07820ddd93ed2fec70a6d47f530856ae6a0b87780945480fb99 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits 0 · References 1
OpenVAS
added 2022/07/18 12:0 a.m. · 18 views

Fedora: Security Advisory for golang-github-prometheus-alertmanager (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.3 · AI score 8.9 · EPSS 0.00963
Exploits 4 · References 2
Snyk
added 2022/07/17 8:8 a.m. · 2 views

Malicious Package

Overview alertmanager-discord is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

CVSS 9.8 · AI score 7.1
Exploits 0 · References 3
Fedora
added 2022/07/17 1:16 a.m. · 19 views

[SECURITY] Fedora 35 Update: golang-github-prometheus-alertmanager-0.23.0-10.fc35

The Alertmanager handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing them to the correct receiver integrations such as email, PagerDuty, or OpsGenie. It also takes care of silencing and inhibition of alerts...

CVSS 9.3 · AI score 8.8 · EPSS 0.00963
Exploits 4
OpenVAS
added 2022/07/06 12:0 a.m. · 8 views

Fedora: Security Advisory for golang-github-prometheus-alertmanager (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.3 · AI score 8.9 · EPSS 0.00963
Exploits 4 · References 2
Fedora
added 2022/07/04 1:35 a.m. · 14 views

[SECURITY] Fedora 36 Update: golang-github-prometheus-alertmanager-0.23.0-9.fc36

The Alertmanager handles alerts sent by client applications such as the Prometheus server. It takes care of deduplicating, grouping, and routing them to the correct receiver integrations such as email, PagerDuty, or OpsGenie. It also takes care of silencing and inhibition of alerts...

CVSS 9.3 · AI score 8.8 · EPSS 0.00963
Exploits 4
OpenVAS
added 2022/06/21 12:0 a.m. · 23 views

openSUSE: Security Advisory for golang-github-prometheus-alertmanager (SUSE-SU-2022:2139-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5 · AI score 10 · EPSS 0.00386
Exploits 0 · References 2
OpenVAS
added 2022/06/21 12:0 a.m. · 32 views

SUSE: Security Advisory (SUSE-SU-2022:2134-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 · AI score 9.3 · EPSS 0.94438
Exploits 47 · References 18