Request 1174071: Submit cacti - openSUSE Build Service

Overview

Request 1174071 accepted

cacti 1.2.27
* CVE-2024-34340: Authentication Bypass when using using older password hashes (boo#1224240)
* CVE-2024-25641: RCE vulnerability when importing packages (boo#1224229)
* CVE-2024-31459: RCE vulnerability when plugins include files (boo#1224238)
* CVE-2024-31460: SQL Injection vulnerability when using tree rules through Automation API (boo#1224239)
* CVE-2024-29894: XSS vulnerability when using JavaScript based messaging API (boo#1224231)
* CVE-2024-31458: SQL Injection vulnerability when using form templates (boo#1224241)
* CVE-2024-31444: XSS vulnerability when reading tree rules with Automation API (boo#1224236)
* CVE-2024-31443: XSS vulnerability when managing data queries (boo#1224235)
* CVE-2024-31445: SQL Injection vulnerability when retrieving graphs using Automation API (boo#1224237)
* CVE-2024-27082: XSS vulnerability when managing trees (boo#1224230)

Created by AndreasStieger about 1 month ago
In state accepted

Submit cacti

Comments for request 1174071 0

Login required, please login in order to comment

Request History

AndreasStieger created request about 1 month ago

cacti 1.2.27
* CVE-2024-34340: Authentication Bypass when using using older password hashes (boo#1224240)
* CVE-2024-25641: RCE vulnerability when importing packages (boo#1224229)
* CVE-2024-31459: RCE vulnerability when plugins include files (boo#1224238)
* CVE-2024-31460: SQL Injection vulnerability when using tree rules through Automation API (boo#1224239)
* CVE-2024-29894: XSS vulnerability when using JavaScript based messaging API (boo#1224231)
* CVE-2024-31458: SQL Injection vulnerability when using form templates (boo#1224241)
* CVE-2024-31444: XSS vulnerability when reading tree rules with Automation API (boo#1224236)
* CVE-2024-31443: XSS vulnerability when managing data queries (boo#1224235)
* CVE-2024-31445: SQL Injection vulnerability when retrieving graphs using Automation API (boo#1224237)
* CVE-2024-27082: XSS vulnerability when managing trees (boo#1224230)

factory-auto added opensuse-review-team as a reviewer about 1 month ago

Please review sources

factory-auto accepted review about 1 month ago

Check script succeeded

licensedigger accepted review about 1 month ago

ok

staging-bot added openSUSE:Factory:Staging:adi:31 as a reviewer about 1 month ago

Being evaluated by staging project "openSUSE:Factory:Staging:adi:31"

staging-bot accepted review about 1 month ago

Picked "openSUSE:Factory:Staging:adi:31"

AndreasStieger changed priority to moderate => important about 1 month ago

dimstar accepted review about 1 month ago

anag+factory accepted review about 1 month ago

Staging Project openSUSE:Factory:Staging:adi:31 got accepted.

anag+factory approved review about 1 month ago

Staging Project openSUSE:Factory:Staging:adi:31 got accepted.

anag+factory accepted request about 1 month ago

Staging Project openSUSE:Factory:Staging:adi:31 got accepted.

openSUSE Build Service is sponsored by