Overview
Request 1174071 accepted
cacti 1.2.27
* CVE-2024-34340: Authentication Bypass when using using older password hashes (boo#1224240)
* CVE-2024-25641: RCE vulnerability when importing packages (boo#1224229)
* CVE-2024-31459: RCE vulnerability when plugins include files (boo#1224238)
* CVE-2024-31460: SQL Injection vulnerability when using tree rules through Automation API (boo#1224239)
* CVE-2024-29894: XSS vulnerability when using JavaScript based messaging API (boo#1224231)
* CVE-2024-31458: SQL Injection vulnerability when using form templates (boo#1224241)
* CVE-2024-31444: XSS vulnerability when reading tree rules with Automation API (boo#1224236)
* CVE-2024-31443: XSS vulnerability when managing data queries (boo#1224235)
* CVE-2024-31445: SQL Injection vulnerability when retrieving graphs using Automation API (boo#1224237)
* CVE-2024-27082: XSS vulnerability when managing trees (boo#1224230)
- Created by AndreasStieger
- In state accepted
Request History
AndreasStieger created request
cacti 1.2.27
* CVE-2024-34340: Authentication Bypass when using using older password hashes (boo#1224240)
* CVE-2024-25641: RCE vulnerability when importing packages (boo#1224229)
* CVE-2024-31459: RCE vulnerability when plugins include files (boo#1224238)
* CVE-2024-31460: SQL Injection vulnerability when using tree rules through Automation API (boo#1224239)
* CVE-2024-29894: XSS vulnerability when using JavaScript based messaging API (boo#1224231)
* CVE-2024-31458: SQL Injection vulnerability when using form templates (boo#1224241)
* CVE-2024-31444: XSS vulnerability when reading tree rules with Automation API (boo#1224236)
* CVE-2024-31443: XSS vulnerability when managing data queries (boo#1224235)
* CVE-2024-31445: SQL Injection vulnerability when retrieving graphs using Automation API (boo#1224237)
* CVE-2024-27082: XSS vulnerability when managing trees (boo#1224230)
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
staging-bot added openSUSE:Factory:Staging:adi:31 as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:31"
staging-bot accepted review
Picked "openSUSE:Factory:Staging:adi:31"
AndreasStieger changed priority to moderate => important
dimstar accepted review
anag+factory accepted review
Staging Project openSUSE:Factory:Staging:adi:31 got accepted.
anag+factory approved review
Staging Project openSUSE:Factory:Staging:adi:31 got accepted.
anag+factory accepted request
Staging Project openSUSE:Factory:Staging:adi:31 got accepted.