exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 8

BDU:2024-06600

больше 2 лет назад

Уязвимость файла /api/v1/alerts системы мониторинга Prometheus для обработки оповещений Alertmanager, позволяющая нарушителю выполнить произвольный код

CVSS3: 5.4

EPSS: Низкий

ROS-20240827-17

больше 1 года назад

Уязвимость golang-github-prometheus-alertmanager

CVSS3: 5.4

EPSS: Низкий

CVE-2023-40577

больше 2 лет назад

Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.

CVSS3: 7.5

EPSS: Низкий

CVE-2023-40577

больше 2 лет назад

Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.

CVSS3: 7.5

EPSS: Низкий

CVE-2023-40577

больше 2 лет назад

Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.

CVSS3: 7.5

EPSS: Низкий

CVE-2023-40577

больше 2 лет назад

Alertmanager handles alerts sent by client applications such as the Pr ...

CVSS3: 7.5

EPSS: Низкий

SUSE-SU-2024:0512-1

почти 2 года назад

Security update for golang-github-prometheus-alertmanager

EPSS: Низкий

GHSA-v86x-5fm3-5p7j

больше 2 лет назад

Alertmanager UI is vulnerable to stored XSS via the /api/v1/alerts endpoint

CVSS3: 5.4

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
BDU:2024-06600 Уязвимость файла /api/v1/alerts системы мониторинга Prometheus для обработки оповещений Alertmanager, позволяющая нарушителю выполнить произвольный код	CVSS3: 5.4	2% Низкий	больше 2 лет назад
ROS-20240827-17 Уязвимость golang-github-prometheus-alertmanager	CVSS3: 5.4	2% Низкий	больше 1 года назад
CVE-2023-40577 Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.	CVSS3: 7.5	2% Низкий	больше 2 лет назад
CVE-2023-40577 Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.	CVSS3: 7.5	2% Низкий	больше 2 лет назад
CVE-2023-40577 Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.	CVSS3: 7.5	2% Низкий	больше 2 лет назад
CVE-2023-40577 Alertmanager handles alerts sent by client applications such as the Pr ...	CVSS3: 7.5	2% Низкий	больше 2 лет назад
SUSE-SU-2024:0512-1 Security update for golang-github-prometheus-alertmanager		2% Низкий	почти 2 года назад
GHSA-v86x-5fm3-5p7j Alertmanager UI is vulnerable to stored XSS via the /api/v1/alerts endpoint	CVSS3: 5.4	2% Низкий	больше 2 лет назад

Уязвимостей на страницу