Lucene search
K

6 matches found

OSV
OSV
added 2026/03/26 8:32 p.m.2 views

GO-2026-4712 Monitoring is vulnerable to Archive Slip due to missing checks in sanitization in github.com/ctfer-io/monitoring

Monitoring is vulnerable to Archive Slip due to missing checks in sanitization in github.com/ctfer-io/monitoring...

9.8CVSS5.9AI score0.00655EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/20 12:29 a.m.4 views

CVE-2026-32771

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. In versions prior to 0.2.2, the sanitizeArchivePath function in pkg/extract/extract.go lines 248–254 is vulnerable to Path Traversal due to a missing...

8.8CVSS5.8AI score0.00655EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.6 views

Monitoring 路径遍历漏洞

Monitoring is an open-source component developed by CTFer.io for collecting and processing monitoring data. Versions of Monitoring prior to 0.2.2 contained a path traversal vulnerability. This vulnerability stemmed from the sanitizeArchivePath function’s inability to prevent path traversal, which...

9.8CVSS6.8AI score0.00655EPSS
Exploits1References3
NVD
NVD
added 2026/03/16 2:19 p.m.5 views

CVE-2026-32720

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...

7.1CVSS0.00262EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.8 views

Monitoring 访问控制错误漏洞

Monitoring is an open-source component developed by CTFer.io for collecting and processing monitoring data. Versions of Monitoring prior to 0.2.1 contained a access control vulnerability, which was caused by errors in network policy writing. This vulnerability could allow malicious attackers to...

7.1CVSS6.4AI score0.00262EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/13 9:27 p.m.33 views

CVE-2026-32720 Improper Access Control in github.com/ctfer-io/monitoring

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...

7.1CVSS0.00262EPSS
Exploits0References1
Rows per page
Query Builder