stable

cacti-1.2.25-1.el9 and cacti-spine-1.2.25-1.el9

FEDORA-EPEL-2023-13e7593253 created by carlwgeorge a year ago for Fedora EPEL 9

Update cacti and cacti-spine to version 1.2.25. This includes the upstream fixes for many CVEs.

https://github.com/Cacti/cacti/releases/tag/release%2F1.2.25

This update has been submitted for testing by carlwgeorge.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update has been submitted for stable by bodhi.

12 months ago

This update has been pushed to stable.

12 months ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
a year ago
in testing
a year ago
in stable
12 months ago
approved
12 months ago
BZ#2237580 CVE-2023-39514 cacti: Cross-Site Scripting vulnerability with Data Source Name when managing Graphs [epel-all]
0
0
BZ#2237581 CVE-2023-39513 cacti: Cross-Site Scripting vulnerability with Device Name when debugging data queries [epel-all]
0
0
BZ#2237586 CVE-2023-39515 cacti: Cross-Site Scripting vulnerability with Data Source Name when debugging Data Queries [epel-all]
0
0
BZ#2237589 CVE-2023-39359 cacti: Authenticated SQL injection vulnerability when managing graphs [epel-all]
0
0
BZ#2237591 CVE-2023-39360 cacti: Cross-Site Scripting vulnerability when creating new graphs [epel-all]
0
0
BZ#2237596 CVE-2023-39361 cacti: Unauthenticated SQL Injection when viewing graphs [epel-all]
0
0
BZ#2237599 CVE-2023-39366 cacti: Cross-Site Scripting vulnerability with Device Name when managing Data Sources [epel-all]
0
0
BZ#2237602 CVE-2023-39510 cacti: Cross-Site Scripting vulnerability with Device Name when administrating Reports [epel-all]
0
0
BZ#2237605 CVE-2023-39357 cacti: SQL Injection when saving data with sql_save() [epel-all]
0
0
BZ#2237608 CVE-2023-39358 cacti: Authenticated SQL injection vulnerability when managing reports [epel-all]
0
0
BZ#2237612 CVE-2023-39364 cacti: Open redirect in change password functionality [epel-all]
0
0
BZ#2237614 CVE-2023-39365 cacti: SQL Injection when using regular expressions [epel-all]
0
0
BZ#2237617 CVE-2023-30534 cacti: Insecure deserialization of filter data [epel-all]
0
0
BZ#2237620 CVE-2023-31132 cacti: Privilege escalation when Cacti installed using Windows Installer defaults [epel-all]
0
0
BZ#2237623 CVE-2023-39362 cacti: Authenticated command injection when using SNMP options [epel-all]
0
0
BZ#2237626 CVE-2023-39516 cacti: Cross-Site Scripting vulnerability with Data Source Information when managing Data Sources [epel-all]
0
0
BZ#2237818 CVE-2023-39511 cacti: Cross-Site Scripting vulnerability with Device Name when editing Graphs whilst managing Reports [epel-all]
0
0
BZ#2242048 CVE-2023-39512 cacti: Cross-Site Scripting vulnerability with Device Name when managing Data Sources [epel-all]
0
0

Automated Test Results