CVE-2020-16248

Опубликовано: 09 авг. 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 5.8

Описание

Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this might plausibly be interpreted as both intended functionality and also a vulnerability

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	not-affected	disputed
esm-apps/bionic	not-affected	disputed
esm-apps/focal	not-affected	disputed
esm-apps/jammy	not-affected	disputed
esm-apps/noble	not-affected	disputed
esm-infra-legacy/trusty	DNE
focal	not-affected	disputed
groovy	ignored	end of life
hirsute	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 87%

0.03527

Низкий

5 Medium

CVSS2

5.8 Medium

CVSS3

Связанные уязвимости

CVE-2020-16248

CVSS3: 5.8

nvd

больше 5 лет назад

CVE-2020-16248

CVSS3: 5.8

debian

больше 5 лет назад

Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF ...

GHSA-8jrj-57gq-475g

CVSS3: 5.8

github

больше 3 лет назад

** DISPUTED ** Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this might plausibly be interpreted as both intended functionality and also a vulnerability.

EPSS

Процентиль: 87%

0.03527

Низкий

5 Medium

CVSS2

5.8 Medium

CVSS3

CVE-2020-16248

Описание

Пакет prometheus-blackbox-exporter

Ссылки на источники

Связанные уязвимости