Количество 8
Количество 8
CVE-2023-40577
Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.
CVE-2023-40577
Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.
CVE-2023-40577
Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.
CVE-2023-40577
Alertmanager handles alerts sent by client applications such as the Pr ...
SUSE-SU-2024:0512-1
Security update for golang-github-prometheus-alertmanager
ROS-20240827-17
Уязвимость golang-github-prometheus-alertmanager
GHSA-v86x-5fm3-5p7j
Alertmanager UI is vulnerable to stored XSS via the /api/v1/alerts endpoint
BDU:2024-06600
Уязвимость файла /api/v1/alerts системы мониторинга Prometheus для обработки оповещений Alertmanager, позволяющая нарушителю выполнить произвольный код
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-40577 Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51. | CVSS3: 7.5 | 2% Низкий | почти 2 года назад |
 | CVE-2023-40577 Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51. | CVSS3: 7.5 | 2% Низкий | почти 2 года назад |
 | CVE-2023-40577 Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51. | CVSS3: 7.5 | 2% Низкий | почти 2 года назад |
| CVE-2023-40577 Alertmanager handles alerts sent by client applications such as the Pr ... | CVSS3: 7.5 | 2% Низкий | почти 2 года назад |
 | SUSE-SU-2024:0512-1 Security update for golang-github-prometheus-alertmanager | 2% Низкий | больше 1 года назад | |
 | ROS-20240827-17 Уязвимость golang-github-prometheus-alertmanager | CVSS3: 5.4 | 2% Низкий | 10 месяцев назад |
| GHSA-v86x-5fm3-5p7j Alertmanager UI is vulnerable to stored XSS via the /api/v1/alerts endpoint | CVSS3: 5.4 | 2% Низкий | почти 2 года назад |
 | BDU:2024-06600 Уязвимость файла /api/v1/alerts системы мониторинга Prometheus для обработки оповещений Alertmanager, позволяющая нарушителю выполнить произвольный код | CVSS3: 5.4 | 2% Низкий | почти 2 года назад |
Уязвимостей на страницу