Package "check-mk-config-icinga"
Name: |
check-mk-config-icinga
|
Description: |
general purpose monitoring plugin for retrieving data
|
Latest version: |
1.2.8p16-1ubuntu0.2 |
Release: |
bionic (18.04) |
Level: |
security |
Repository: |
universe |
Head package: |
check-mk |
Links
Download "check-mk-config-icinga"
Other versions of "check-mk-config-icinga" in Bionic
Changelog
check-mk (1.2.8p16-1ubuntu0.2) bionic-security; urgency=medium
* SECURITY UPDATE: fix race condition vulnerability
- debian/patches/04_CVE-2017-14955.dpatch: fix race condition in userdb.py
- CVE-2017-14955
* SECURITY UPDATE: fix XSS vulnerability
- debian/patches/05_CVE-2017-9781.dpatch: fix xss in index.py
- debian/patches/06_CVE-2021-36563.dpatch: fix xss in valuespec.py
- debian/patches/07_CVE-2021-40906.dpatch: fix xss in metrics.py
- debian/patches/08_CVE-2022-24565.dpatch: fix xss in valuespec.py
- CVE-2017-9781
- CVE-2021-36563
- CVE-2021-40906
- CVE-2022-24565
-- Nishit Majithia <email address hidden> Tue, 19 Jul 2022 19:26:18 +0530
|
CVE-2017-14955 |
Check_MK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to |
CVE-2017-9781 |
A cross site scripting (XSS) vulnerability exists in Check_MK versions 1.4.0x prior to 1.4.0p6, allowing an unauthenticated remote attacker to inject |
CVE-2021-36563 |
The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module. This allows an at |
CVE-2021-40906 |
CheckMK Raw Edition software (versions 1.5.0 to 1.6.0) does not sanitise the input of a web service parameter that is in an unauthenticated zone. Thi |
CVE-2022-24565 |
Checkmk <=2.0.0p19 Fixed in 2.0.0p20 and Checkmk <=1.6.0p27 Fixed in 1.6.0p28 are affected by a Cross Site Scripting (XSS) vulnerability. The Alias o |
|
About
-
Send Feedback to @ubuntu_updates