6 matches found
GO-2026-4712 Monitoring is vulnerable to Archive Slip due to missing checks in sanitization in github.com/ctfer-io/monitoring
Monitoring is vulnerable to Archive Slip due to missing checks in sanitization in github.com/ctfer-io/monitoring...
CVE-2026-32771
The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. In versions prior to 0.2.2, the sanitizeArchivePath function in pkg/extract/extract.go lines 248–254 is vulnerable to Path Traversal due to a missing...
Monitoring 路径遍历漏洞
Monitoring is an open-source component developed by CTFer.io for collecting and processing monitoring data. Versions of Monitoring prior to 0.2.2 contained a path traversal vulnerability. This vulnerability stemmed from the sanitizeArchivePath function’s inability to prevent path traversal, which...
CVE-2026-32720
The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...
Monitoring 访问控制错误漏洞
Monitoring is an open-source component developed by CTFer.io for collecting and processing monitoring data. Versions of Monitoring prior to 0.2.1 contained a access control vulnerability, which was caused by errors in network policy writing. This vulnerability could allow malicious attackers to...
CVE-2026-32720 Improper Access Control in github.com/ctfer-io/monitoring
The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals i.e. logs, metrics and distributed traces. Prior to 0.2.1, due to a mis-written NetworkPolicy, a malicious actor can pivot from a component to any other namespace. This breaks the...