34 matches found
Security update for icinga-php-library, icingaweb2 (moderate)
openSUSE Security Update: Security update for icinga-php-library, icingaweb2 Announcement ID: openSUSE-SU-2025:0473-1 Rating: moderate References: Cross-References: CVE-2025-27404 CVE-2025-27405 CVE-2025-27609 CVE-2025-30164 CVSS scores: CVE-2025-27404 SUSE: 7.6...
EUVD-2023-34986
Malicious code in bioql PyPI...
SUSE CVE-2024-24819
icingaweb2-module-incubator is a working project of bleeding edge Icinga Web 2 libraries. In affected versions the class gipfl\Web\Form is the base for various concrete form implementations 1 and provides protection against cross site request forgery CSRF by default. This is done by automatically...
CVE-2024-24819
icingaweb2-module-incubator is a working project of bleeding edge Icinga Web 2 libraries. In affected versions the class gipfl\Web\Form is the base for various concrete form implementations 1 and provides protection against cross site request forgery CSRF by default. This is done by automatically...
CVE-2024-24819 icingaweb2-module-incubator base implementation for HTML forms is susceptible to CSRF
icingaweb2-module-incubator is a working project of bleeding edge Icinga Web 2 libraries. In affected versions the class gipfl\Web\Form is the base for various concrete form implementations 1 and provides protection against cross site request forgery CSRF by default. This is done by automatically...
CVE-2024-24819 icingaweb2-module-incubator base implementation for HTML forms is susceptible to CSRF
icingaweb2-module-incubator is a working project of bleeding edge Icinga Web 2 libraries. In affected versions the class gipfl\Web\Form is the base for various concrete form implementations 1 and provides protection against cross site request forgery CSRF by default. This is done by automatically...
PT-2024-20585 · Unknown · Icingaweb2-Module-Incubator
Name of the Vulnerable Software and Affected Versions: icingaweb2-module-incubator versions prior to 0.22.0 Description: The issue concerns the class gipflWebForm, which is the base for various concrete form implementations and provides protection against cross-site request forgery CSRF by defaul...
Cross site request forgery (csrf)
icingaweb2-module-jira provides integration with Atlassian Jira. Starting in version 1.3.0 and prior to version 1.3.2, template and field configuration forms perform the deletion action before user input is validated, including the cross site request forgery token. This issue is fixed in version...
CVE-2023-30607 icingaweb2-module-jira template and field configuration are susceptible to CSRF
icingaweb2-module-jira provides integration with Atlassian Jira. Starting in version 1.3.0 and prior to version 1.3.2, template and field configuration forms perform the deletion action before user input is validated, including the cross site request forgery token. This issue is fixed in version...
CVE-2023-30607 icingaweb2-module-jira template and field configuration are susceptible to CSRF
icingaweb2-module-jira provides integration with Atlassian Jira. Starting in version 1.3.0 and prior to version 1.3.2, template and field configuration forms perform the deletion action before user input is validated, including the cross site request forgery token. This issue is fixed in version...
CVE-2023-30607
The CVE-2023-30607 issue affects icingaweb2-module-jira. In versions 1.3.0 up to, but not including, 1.3.2, template and field configuration forms perform a deletion action before user input validation, including the CSRF token, enabling a cross-site request forgery condition as described by mult...
Atlassian Jira 跨站请求伪造漏洞
Atlassian Jira is a defect tracking management system from Atlassian Australia. The system is mainly used for tracking and managing all kinds of issues and defects in the workplace. Atlassian Jira icingaweb2-module-jira versions prior to 1.3.0 through 1.3.2 are vulnerable to a cross-site request...
Exploit for Path Traversal in Icinga Icinga_Web_2
CVE-2022-24716 Arbitrary File Disclosure Vulnerability in Ici...
OPENSUSE-SU-2022:0097-1 Security update for icingaweb2
This update for icingaweb2 fixes the following issues: icingaweb2 was updated to 2.8.6 This is a security release. Security Fixes - CVE-2022-24715: SSH resources allow arbitrary code execution for authenticated users GHSA-v9mv-h52f-7g63 boo1196911 - CVE-2022-24714: Unwanted disclosure of hosts an...
Security update for icingaweb2 (important)
openSUSE Security Update: Security update for icingaweb2 Announcement ID: openSUSE-SU-2022:0097-1 Rating: important References: 1196911 1196913 Cross-References: CVE-2022-24714 CVE-2022-24715 CVSS scores: CVE-2022-24714 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-24715 NVD : 8...
OPENSUSE-SU-2022:0087-1 Security update for icingaweb2
This update for icingaweb2 fixes the following issues: icingaweb2 was updated to 2.8.6 This is a security release. Security Fixes - CVE-2022-24715: SSH resources allow arbitrary code execution for authenticated users GHSA-v9mv-h52f-7g63 boo1196911 - CVE-2022-24714: Unwanted disclosure of hosts an...
Security update for icingaweb2 (important)
openSUSE Security Update: Security update for icingaweb2 Announcement ID: openSUSE-SU-2022:0087-1 Rating: important References: 1196911 1196913 Cross-References: CVE-2022-24714 CVE-2022-24715 CVSS scores: CVE-2022-24714 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2022-24715 NVD : 8...
Icinga Web 2 路径遍历漏洞
Icinga Web 2 is an application that supports Icinga 2, Icinga Core, and any other IDO database-compatible monitoring backend, developed by the Icinga Project as a next-generation open source monitoring web interface, framework, and command line interface. Icinga Web 2 suffers from a path traversa...
openSUSE Security Update : icingaweb2 (openSUSE-2020-1674)
This update for icingaweb2 fixes the following issues : - icingaweb2 was updated to 2.7.4 - CVE-2020-24368: Fixed a path Traversal which could have allowed an attacker to access arbitrary files which are readable by the process running boo1175530. C Tenable Network Security, Inc. The descriptive...
openSUSE: Security Advisory for icingaweb2 (openSUSE-SU-2020:1674-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...