exploitDog

SUSE-SU-2022:3895-1

Опубликовано: 08 нояб. 2022

Источник: suse-cvrf

Описание

Security update for ganglia-web

This update for ganglia-web fixes the following issues:

updated to 3.7.5 which fixes (bsc#1179835)
CVE-2019-20378: Fixed a possible XSS via ce and cs parameters in header.php (bsc#1160761).

Список пакетов

SUSE Linux Enterprise Module for HPC 12

ganglia-web-3.7.5-3.8.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20223895-1/
Link for SUSE-SU-2022:3895-1
https://lists.suse.com/pipermail/sle-security-updates/2022-November/012840.html
E-Mail link for SUSE-SU-2022:3895-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1088887
SUSE Bug 1088887
https://bugzilla.suse.com/1160761
SUSE Bug 1160761
https://bugzilla.suse.com/1179835
SUSE Bug 1179835
https://www.suse.com/security/cve/CVE-2019-20378/
SUSE CVE CVE-2019-20378 page

Описание

ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce parameter.

Затронутые продукты

SUSE Linux Enterprise Module for HPC 12:ganglia-web-3.7.5-3.8.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-20378.html
CVE-2019-20378
https://bugzilla.suse.com/1160760
SUSE Bug 1160760
https://bugzilla.suse.com/1160761
SUSE Bug 1160761