Package "check-mk"
Name: |
check-mk
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description. Description samples from packages in group:
- general purpose monitoring plugin for retrieving data
- general purpose monitoring plugin for retrieving data
- general purpose monitoring plugin for retrieving data
- general purpose monitoring plugin for retrieving data (documentation)
|
Latest version: |
1.2.8p16-1ubuntu0.2 |
Release: |
bionic (18.04) |
Level: |
security |
Repository: |
universe |
Links
Other versions of "check-mk" in Bionic
Packages in group
Deleted packages are displayed in grey.
Changelog
check-mk (1.2.8p16-1ubuntu0.2) bionic-security; urgency=medium
* SECURITY UPDATE: fix race condition vulnerability
- debian/patches/04_CVE-2017-14955.dpatch: fix race condition in userdb.py
- CVE-2017-14955
* SECURITY UPDATE: fix XSS vulnerability
- debian/patches/05_CVE-2017-9781.dpatch: fix xss in index.py
- debian/patches/06_CVE-2021-36563.dpatch: fix xss in valuespec.py
- debian/patches/07_CVE-2021-40906.dpatch: fix xss in metrics.py
- debian/patches/08_CVE-2022-24565.dpatch: fix xss in valuespec.py
- CVE-2017-9781
- CVE-2021-36563
- CVE-2021-40906
- CVE-2022-24565
-- Nishit Majithia <email address hidden> Tue, 19 Jul 2022 19:26:18 +0530
|
CVE-2017-14955 |
Check_MK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to |
CVE-2017-9781 |
A cross site scripting (XSS) vulnerability exists in Check_MK versions 1.4.0x prior to 1.4.0p6, allowing an unauthenticated remote attacker to inject |
CVE-2021-36563 |
The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module. This allows an at |
CVE-2021-40906 |
CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. Thi |
CVE-2022-24565 |
Checkmk <=2.0.0p19 Fixed in 2.0.0p20 and Checkmk <=1.6.0p27 Fixed in 1.6.0p28 are affected by a Cross Site Scripting (XSS) vulnerability. The Alias o |
|
About
-
Send Feedback to @ubuntu_updates