Bugs fixes in "awstats"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2022-46391 | AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. | 2023-02-28 |
| CVE | CVE-2022-46391 | AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. | 2023-02-28 |
| CVE | CVE-2022-46391 | AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. | 2023-02-28 |
| CVE | CVE-2022-46391 | AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. | 2023-02-28 |
| CVE | CVE-2022-46391 | AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. | 2023-02-28 |
| CVE | CVE-2022-46391 | AWStats 7.x through 7.8 allows XSS in the hostinfo plugin due to printing a response from Net::XWhois without proper checks. | 2023-02-28 |
| CVE | CVE-2020-35176 | In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to on | 2021-05-13 |
| CVE | CVE-2017-1000501 | Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthen | 2021-05-13 |
| CVE | CVE-2020-29600 | In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/ | 2021-05-13 |
| CVE | CVE-2020-35176 | In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to on | 2021-05-13 |
| CVE | CVE-2017-1000501 | Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthen | 2021-05-13 |
| CVE | CVE-2020-29600 | In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/ | 2021-05-13 |
| CVE | CVE-2020-35176 | In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to on | 2021-05-13 |
| CVE | CVE-2017-1000501 | Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthen | 2021-05-13 |
| CVE | CVE-2020-29600 | In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/ | 2021-05-13 |
| CVE | CVE-2020-35176 | In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to on | 2021-05-13 |
| CVE | CVE-2017-1000501 | Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthen | 2021-05-13 |
| CVE | CVE-2020-29600 | In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/ | 2021-05-13 |
About
-
Send Feedback to @ubuntu_updates
