320 matches found
CVE-2025-27144 affecting package influxdb for versions less than 2.7.5-2
CVE-2025-27144 affecting package influxdb for versions less than 2.7.5-2. A patched version of the package is available...
CVE-2025-22868 affecting package influxdb for versions less than 2.7.5-2
CVE-2025-22868 affecting package influxdb for versions less than 2.7.5-2. A patched version of the package is available...
AZL-58386 CVE-2025-22870 affecting package influxdb for versions less than 2.6.1-22
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80 will incorrectly match and not be proxied...
AZL-58419 CVE-2025-22870 affecting package influxdb for versions less than 2.7.5-4
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID as a hostname component. For example, when the NOPROXY environment variable is set to ".example.com", a request to "::1%25.example.com:80 will incorrectly match and not be proxied...
CVE-2025-27144 affecting package influxdb for versions less than 2.6.1-21
CVE-2025-27144 affecting package influxdb for versions less than 2.6.1-21. A patched version of the package is available...
CVE-2023-44487 affecting package influxdb for versions less than 2.6.1-11
CVE-2023-44487 affecting package influxdb for versions less than 2.6.1-11. A patched version of the package is available...
AZL-57338 CVE-2025-22868 affecting package influxdb for versions less than 2.7.5-2
An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing...
AZL-57129 CVE-2025-27144 affecting package influxdb for versions less than 2.7.5-2
Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption JWE, JSON Web Signature JWS, and JSON Web Token JWT standards. In versions on the 4.x branch prior to version 4.0.5, when parsing compact JWS or JWE...
Azure Linux 3.0 Security Update: cert-manager / influxdb / keda / libcontainers-common / packer (CVE-2024-6104)
The version of cert-manager / influxdb / keda / libcontainers-common / packer installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-6104 advisory. - go-retryablehttp prior to 0.7.7 did not sanitize urls...
CVE-2024-28180 affecting package influxdb for versions less than 2.7.3-9
CVE-2024-28180 affecting package influxdb for versions less than 2.7.3-9. A patched version of the package is available...
Malicious code in ig-lighthouse-to-influxdb (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92e8d076b669d18ea59535f03270a27adbfc6b0717789403453fabeb522b988b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-576 Malicious code in ig-lighthouse-to-influxdb (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 92e8d076b669d18ea59535f03270a27adbfc6b0717789403453fabeb522b988b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-28180 affecting package influxdb for versions less than 2.6.1-20
CVE-2024-28180 affecting package influxdb for versions less than 2.6.1-20. A patched version of the package is available...
CVE-2024-45338 affecting package influxdb for versions less than 2.7.3-8
CVE-2024-45338 affecting package influxdb for versions less than 2.7.3-8. A patched version of the package is available...
CVE-2024-45338 affecting package influxdb for versions less than 2.6.1-19
CVE-2024-45338 affecting package influxdb for versions less than 2.6.1-19. A patched version of the package is available...
CVE-2024-24786 affecting package influxdb for versions less than 2.6.1-18
CVE-2024-24786 affecting package influxdb for versions less than 2.6.1-18. A patched version of the package is available...
AZL-54437 CVE-2024-45338 affecting package influxdb for versions less than 2.7.3-9
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
AZL-54524 CVE-2024-45338 affecting package influxdb for versions less than 2.6.1-19
An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...
CVE-2024-24786 affecting package influxdb for versions less than 2.7.3-7
CVE-2024-24786 affecting package influxdb for versions less than 2.7.3-7. A patched version of the package is available...
SUSE CVE-2024-30896
InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default organization to retrieve the operator token. InfluxDB OSS 1.x, Enterprise, Cloud, Cloud Dedicated and...