CVE-2018-18838

Опубликовано: 18 июн. 2019

Источник: debian

Описание

An issue was discovered in Netdata 1.10.0. Log Injection (or Log Forgery) exists via a %0a sequence in the url parameter to api/v1/registry.

Пакет	Статус	Версия исправления	Релиз	Тип
netdata	fixed	1.11.1+dfsg-1		package

https://github.com/netdata/netdata/pull/4521
https://github.com/netdata/netdata/commit/92327c9ec211bd1616315abcb255861b130b97ca

CVE-2018-18838

CVSS3: 7.5

ubuntu

больше 6 лет назад

An issue was discovered in Netdata 1.10.0. Log Injection (or Log Forgery) exists via a %0a sequence in the url parameter to api/v1/registry.

CVE-2018-18838

CVSS3: 7.5

nvd

больше 6 лет назад

An issue was discovered in Netdata 1.10.0. Log Injection (or Log Forgery) exists via a %0a sequence in the url parameter to api/v1/registry.

GHSA-hqrf-v6fm-gv6x

github

больше 3 лет назад

An issue was discovered in Netdata 1.10.0. Log Injection (or Log Forgery) exists via a %0a sequence in the url parameter to api/v1/registry.

openSUSE-SU-2021:1603-1

suse-cvrf

около 4 лет назад

Security update for netdata

openSUSE-SU-2021:0647-1

suse-cvrf

почти 5 лет назад

Security update for netdata