CVE-2018-1000833

Опубликовано: 20 дек. 2018

Источник: debian

Описание

ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
zoneminder	fixed	1.32.3-1	experimental	package
zoneminder	fixed	1.32.3-2		package

Примечания

https://0dd.zone/2018/10/28/zoneminder-Object-Injection-2/
https://github.com/ZoneMinder/zoneminder/issues/2272
https://github.com/ZoneMinder/zoneminder/pull/2273
https://github.com/ZoneMinder/zoneminder/commit/f790eacc92f687442ae24df7a48f54861a4518b3 (1.32.3)

Связанные уязвимости

CVE-2018-1000833

CVSS3: 9.8

ubuntu

около 7 лет назад

ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.

CVE-2018-1000833

CVSS3: 9.8

nvd

около 7 лет назад

ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.

GHSA-gf3j-qpxp-849p

CVSS3: 9.8

github

больше 3 лет назад

ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.