5 matches found
CVE-2026-35587
Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, a Server-Side Request Forgery SSRF vulnerability exists in the Glances IP plugin due to improper validation of the publicapi configuration parameter. The value of publicapi is used directly in outbound HTTP...
CVE-2026-30928
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, the /api/4/config REST API endpoint returns the entire parsed Glances configuration file glances.conf via self.config.asdict with no filtering of sensitive values. The configuration file contains credentials for all...
CVE-2026-30930
Glances is an open-source system cross-platform monitoring tool. Prior to 4.5.1, The TimescaleDB export module constructs SQL queries using string concatenation with unsanitized system monitoring data. The normalize method wraps string values in single quotes but does not escape embedded single...
[SECURITY] Fedora 36 Update: glances-3.3.0.1-2.fc36
Glances is a cross-platform monitoring tool which aims to present a large amount of monitoring information through a curses or Web based interface. The information dynamically adapts depending on the size of the user interface It can also work in client/server mode. Remote monitoring could be don...
The vulnerability of the Glances monitoring tool arises from improper restrictions on XML links to external objects. This allows attackers to access confidential data, compromise its integrity, and cause service failures.
The vulnerability of the Glances monitoring tool is related to incorrect restrictions on XML links to external objects. Exploiting this vulnerability allows a remote attacker to access confidential data, compromise its integrity, and cause service failures...