Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-32918

Опубликовано: 04 июл. 2025
Источник: debian

Описание

Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions <2.4.0p6, <2.3.0p35, <2.2.0p44, and 2.1.0 (EOL) allows an authenticated user to inject arbitrary Livestatus commands.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
check-mkremovedpackage

Связанные уязвимости

ubuntu логотип

CVE-2025-32918

CVSS3: 8.8
ubuntu
7 месяцев назад

Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions <2.4.0p6, <2.3.0p35, <2.2.0p44, and 2.1.0 (EOL) allows an authenticated user to inject arbitrary Livestatus commands.

nvd логотип

CVE-2025-32918

CVSS3: 8.8
nvd
7 месяцев назад

Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions <2.4.0p6, <2.3.0p35, <2.2.0p44, and 2.1.0 (EOL) allows an authenticated user to inject arbitrary Livestatus commands.

github логотип

GHSA-2h2q-3qrx-m3j7

CVSS3: 8.8
github
7 месяцев назад

Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions <2.4.0p6, <2.3.0p35, <2.2.0p44, and 2.1.0 (EOL) allows an authenticated user to inject arbitrary Livestatus commands.