FLOP:CVE Monitoring

From Funtoo
Revision as of 01:58, August 11, 2020 by D4g33z (talk | contribs)
Jump to navigation Jump to search
Created on
2020/01/21
Original Author(s)
d4g33z
Git sources (for cloning)
Link
Status
Reference Bug
FL-6938

Funtoo Linux Optimization Proposal: CVE Monitoring

Let's monitor the Common Vulnerabilities and Exposures (CVE) list and flag packages in the current portage tree accordingly. Posting bugs on jira.funtoo.org for affected packages could be automated to a significant extent.

cver: A Tool for Monitoring CVEs

   Note

cver now uses a MongoDB instance on the Funtoo infrastructure. No need to run your own!

Summary

Ultimately, not all ebuilds are created equal. Hence they are updated at different rates according to their popularity in the tree of available packages and this is generally fine: packages with a lot of use get updated frequently, and vulnerabilities are generally dealt with. Unpopular ebuilds can languish, and no one really cares. However, unpopular ebuilds with a significant vulnerability should be updated, popular or not, as they represent a potential vector for attack, if they can be installed.

Identifying ebuilds with an associated CVE will bring them to 'head of the queue' for pull requests and updates, which should often be trivial, as the vulnerability is dealt with upstream and released as a new hotfix version. Or, we can fork and provide our own mitigation, merging with upstream again when a new release comes out (if at all).

The cver (pronounced ça-veer) tool is built around redis cached mongodb collections that are regularly updated with newly filed CVEs. The tool queries the collections to produce a set of text data appropriate to fill fields on a newly created security vulnerability issue on the Funtoo bug tracker. The data can be output in various formats (current just formatted text on stdout), and eventually input directly to the bug tracker via its REST api.

Architecture

The architecture is simple:

┌─────────┐                                 
│redis    │      ┌────┐                     
│┌───────┐│      │jira│──────────┐          
││mongoDB││      └──┬─┘          │          
│└───────┘│         │            │          
└────┬────┘         │            │          
     │              │        *********      
     │     ┌───┐    │     ***         ***   
     ├─────┤dev│──────────*  discussion *   
     │     └─┬─┘    │     ***         ***   
     │       │      │        *********      
     │       │      │                       
     │     ┌─┴─┐    │                       
     ├─────┤bot│────┘                       
     │     └───┘                            
     │                                      
     │                                      
     │     ┌───┐                            
     └─────│usr│                            
           └───┘
  • A dev uses the tool to query the redis cache of the CVE data held in the mongoDB, update and admin the mongoDB, create reports for discussion, and control a bot.
  • The bot can query the redis cache and create issues to post via the REST api of jira.
  • A user can query the redis cache and create reports.
  • discussion produces issues to be posted at jira.
  • Note: it could be true that dev == bot; a report can contain REST api urls for jira

Algorithm

The cvedb.cves collection provided by cve-search has the following estimated schema (see variety, a schema estimator for mongodb):

+--------------------------------------------------------------------------------+
| key                              | types    | occurrences | percents           |
| -------------------------------- | -------- | ----------- | ------------------ |
| Modified                         | Date     |      136539 | 100.00000000000000 |
| Published                        | Date     |      136539 | 100.00000000000000 |
| _id                              | ObjectId |      136539 | 100.00000000000000 |
| access                           | Object   |      136539 | 100.00000000000000 |
| assigner                         | String   |      136539 | 100.00000000000000 |
| cvss                             | Number   |      136539 | 100.00000000000000 |
| cwe                              | String   |      136539 | 100.00000000000000 |
| id                               | String   |      136539 | 100.00000000000000 |
| impact                           | Object   |      136539 | 100.00000000000000 |
| references                       | Array    |      136539 | 100.00000000000000 |
| summary                          | String   |      136539 | 100.00000000000000 |
| vulnerable_configuration         | Array    |      136539 | 100.00000000000000 |
| vulnerable_configuration_cpe_2_2 | Array    |      136539 | 100.00000000000000 |
| vulnerable_product               | Array    |      136539 | 100.00000000000000 |
| access.authentication            | String   |      128583 |  94.17309340188518 |
| access.complexity                | String   |      128583 |  94.17309340188518 |
| access.vector                    | String   |      128583 |  94.17309340188518 |
| cvss-time                        | Date     |      128583 |  94.17309340188518 |
| cvss-vector                      | String   |      128583 |  94.17309340188518 |
| impact.availability              | String   |      128583 |  94.17309340188518 |
| impact.confidentiality           | String   |      128583 |  94.17309340188518 |
| impact.integrity                 | String   |      128583 |  94.17309340188518 |
+--------------------------------------------------------------------------------+

An important key in the collection is that of vulnerable_product. It contains an array of the Common Platform Enumeration of the affected pieces of software, and can potentially be matched (along with the affected product's version(s)) to packages in the Funtoo portage meta-repo.

This is the bird's eye view of what a CPE is:

CPE is a structured naming scheme for information technology systems, software, and packages. Based upon the generic syntax for Uniform Resource Identifiers (URI), CPE includes a formal name format, a method for checking names against a system, and a description format for binding text and tests to a name.

Thus, filtering packages by CVE requires a map between package names and CPE. The current algorithm is the simplest possible: if a CVE has a list of CPEs, each CPE is interpreted to yield a single token and an exact match with package name is attempted for the whole meta-repo using app-portage/eix. If there is a match, then a jira issue can be constructed and reported. Even this simple algorithm produces quite a few matches, but it also misses very significant issues if the CPEs are not added properly to the CVE database for the issue. FL-6938 is a case in point: it was not filed with a CPE for sys-apps/portage (does it exist?) so the algorithm skipped right over it. A more sophisticated algorithm would have done regular expression matching on the summary key of the issue, perhaps matching on the string 'Gentoo Portage,' and producing a report for discussion, and eventual posting to jira.

Once a match is made, the cve-search collection and the portage package database (via app-portage/eix) can be combined to produce the data appropriate for a report.

The correct pattern for this is probably a truth table, with the above exact matching algorithm one example of generalized predicates at are applied to each cve document in the cvedb. A table pairing packages and predicates can they be interpreted via custom logical operations to yields sets of the packages to consider for further discussion or immediate issue creation.



State

The cver tool is currently stateless: it takes some bytes and it makes some bytes. We should probably keep it that way. A disk cache of the LRU memo-ized python function eix_xml might be nice. It would have to be wiped when eix was updated, of course.

Example Output Fri 31 Jul 2020 02:49:59 PM EDT

Summary:


CVE-2020-15953: net-libs/libetpan-1.9.3

Description:


[07/27/2020] LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a meddler-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection."

CatPkg:


net-libs/libetpan

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


1.9.3

Facts:


https://github.com/dinhvh/libetpan/issues/386 https://security.gentoo.org/glsa/202007-55


Summary:


CVE-2020-12460: mail-filter/opendmarc-1.1.3

Description:


[07/27/2020] OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 has improper null termination in the function opendmarc_xml_parse that can result in a one-byte heap overflow in opendmarc_xml when parsing a specially crafted DMARC aggregate report. This can cause remote memory corruption when a '\0' byte overwrites the heap metadata of the next chunk and its PREV_INUSE flag.

CatPkg:


mail-filter/opendmarc

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


1.1.3

Facts:


https://github.com/trusteddomainproject/OpenDMARC/issues/64 https://sourceforge.net/projects/opendmarc/


Summary:


CVE-2020-15890: dev-lang/luajit-2.0.2

Description:


[07/21/2020] LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc handler frame traversal is mishandled.

CatPkg:


dev-lang/luajit

KitBranch:


lang-kit/1.4-release

labels:


security

AffectsVersions:


2.0.2

Facts:


https://github.com/LuaJIT/LuaJIT/issues/601 https://lists.debian.org/debian-lts-announce/2020/07/msg00026.html


Summary:


CVE-2020-15890: dev-lang/luajit-2.0.3

Description:


[07/21/2020] LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc handler frame traversal is mishandled.

CatPkg:


dev-lang/luajit

KitBranch:


lang-kit/1.4-release

labels:


security

AffectsVersions:


2.0.3

Facts:


https://github.com/LuaJIT/LuaJIT/issues/601 https://lists.debian.org/debian-lts-announce/2020/07/msg00026.html


Summary:


CVE-2020-15890: dev-lang/luajit-2.0.4

Description:


[07/21/2020] LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc handler frame traversal is mishandled.

CatPkg:


dev-lang/luajit

KitBranch:


lang-kit/1.4-release

labels:


security

AffectsVersions:


2.0.4

Facts:


https://github.com/LuaJIT/LuaJIT/issues/601 https://lists.debian.org/debian-lts-announce/2020/07/msg00026.html


Summary:


CVE-2020-15890: dev-lang/luajit-2.0.5

Description:


[07/21/2020] LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc handler frame traversal is mishandled.

CatPkg:


dev-lang/luajit

KitBranch:


lang-kit/1.4-release

labels:


security

AffectsVersions:


2.0.5

Facts:


https://github.com/LuaJIT/LuaJIT/issues/601 https://lists.debian.org/debian-lts-announce/2020/07/msg00026.html


Summary:


CVE-2020-1776: www-apps/otrs-5.0.25

Description:


[07/20/2020] When an agent user is renamed or set to invalid the session belonging to the user is keept active. The session can not be used to access ticket data in the case the agent is invalid. This issue affects ((OTRS)) Community Edition: 6.0.28 and prior versions. OTRS: 7.0.18 and prior versions, 8.0.4. and prior versions.

CatPkg:


www-apps/otrs

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


5.0.25

Facts:


https://otrs.com/release-notes/otrs-security-advisory-2020-13/


Summary:


CVE-2020-1776: www-apps/otrs-6.0.3

Description:


[07/20/2020] When an agent user is renamed or set to invalid the session belonging to the user is keept active. The session can not be used to access ticket data in the case the agent is invalid. This issue affects ((OTRS)) Community Edition: 6.0.28 and prior versions. OTRS: 7.0.18 and prior versions, 8.0.4. and prior versions.

CatPkg:


www-apps/otrs

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


6.0.3

Facts:


https://otrs.com/release-notes/otrs-security-advisory-2020-13/


Summary:


CVE-2020-1776: www-apps/otrs-6.0.4

Description:


[07/20/2020] When an agent user is renamed or set to invalid the session belonging to the user is keept active. The session can not be used to access ticket data in the case the agent is invalid. This issue affects ((OTRS)) Community Edition: 6.0.28 and prior versions. OTRS: 7.0.18 and prior versions, 8.0.4. and prior versions.

CatPkg:


www-apps/otrs

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


6.0.4

Facts:


https://otrs.com/release-notes/otrs-security-advisory-2020-13/


Summary:


CVE-2020-1776: www-apps/otrs-6.0.5

Description:


[07/20/2020] When an agent user is renamed or set to invalid the session belonging to the user is keept active. The session can not be used to access ticket data in the case the agent is invalid. This issue affects ((OTRS)) Community Edition: 6.0.28 and prior versions. OTRS: 7.0.18 and prior versions, 8.0.4. and prior versions.

CatPkg:


www-apps/otrs

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


6.0.5

Facts:


https://otrs.com/release-notes/otrs-security-advisory-2020-13/


Summary:


CVE-2020-1776: www-apps/otrs-6.0.7

Description:


[07/20/2020] When an agent user is renamed or set to invalid the session belonging to the user is keept active. The session can not be used to access ticket data in the case the agent is invalid. This issue affects ((OTRS)) Community Edition: 6.0.28 and prior versions. OTRS: 7.0.18 and prior versions, 8.0.4. and prior versions.

CatPkg:


www-apps/otrs

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


6.0.7

Facts:


https://otrs.com/release-notes/otrs-security-advisory-2020-13/


Summary:


CVE-2020-14928: gnome-extra/evolution-data-server-3.36.2

Description:


[07/17/2020] evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection."

CatPkg:


gnome-extra/evolution-data-server

KitBranch:


gnome-kit/3.36-prime

labels:


security

AffectsVersions:


3.36.2

Facts:


https://bugzilla.suse.com/show_bug.cgi?id=1173910 https://gitlab.gnome.org/GNOME//evolution-data-server/commit/ba82be72cfd427b5d72ff21f929b3a6d8529c4df https://gitlab.gnome.org/GNOME/evolution-data-server/-/commit/f404f33fb01b23903c2bbb16791c7907e457fbac https://gitlab.gnome.org/GNOME/evolution-data-server/-/issues/226 https://lists.debian.org/debian-lts-announce/2020/07/msg00012.html https://security-tracker.debian.org/tracker/DLA-2281-1 https://security-tracker.debian.org/tracker/DSA-4725-1 https://usn.ubuntu.com/4429-1/ https://www.debian.org/security/2020/dsa-4725


Summary:


CVE-2020-15852: app-emulation/xen-4.10.3-r1

Description:


[07/20/2020] An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.

CatPkg:


app-emulation/xen

KitBranch:


nokit/1.4-release

labels:


security

AffectsVersions:


4.10.3-r1

Facts:


http://www.openwall.com/lists/oss-security/2020/07/21/2 http://xenbits.xen.org/xsa/advisory-329.html https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cadfad870154e14f745ec845708bc17d166065f2 https://github.com/torvalds/linux/commit/cadfad870154e14f745ec845708bc17d166065f2


Summary:


CVE-2020-15852: app-emulation/xen-4.11.1-r3

Description:


[07/20/2020] An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.

CatPkg:


app-emulation/xen

KitBranch:


nokit/1.4-release

labels:


security

AffectsVersions:


4.11.1-r3

Facts:


http://www.openwall.com/lists/oss-security/2020/07/21/2 http://xenbits.xen.org/xsa/advisory-329.html https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cadfad870154e14f745ec845708bc17d166065f2 https://github.com/torvalds/linux/commit/cadfad870154e14f745ec845708bc17d166065f2


Summary:


CVE-2020-15852: app-emulation/xen-4.12.0-r1

Description:


[07/20/2020] An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.

CatPkg:


app-emulation/xen

KitBranch:


nokit/1.4-release

labels:


security

AffectsVersions:


4.12.0-r1

Facts:


http://www.openwall.com/lists/oss-security/2020/07/21/2 http://xenbits.xen.org/xsa/advisory-329.html https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cadfad870154e14f745ec845708bc17d166065f2 https://github.com/torvalds/linux/commit/cadfad870154e14f745ec845708bc17d166065f2


Summary:


CVE-2020-15121: dev-util/radare2-3.4.1

Description:


[07/20/2020] In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current directory.

CatPkg:


dev-util/radare2

KitBranch:


dev-kit/1.4-release

labels:


security

AffectsVersions:


3.4.1

Facts:


https://github.com/radareorg/radare2/commit/04edfa82c1f3fa2bc3621ccdad2f93bdbf00e4f9 https://github.com/radareorg/radare2/issues/16945 https://github.com/radareorg/radare2/pull/16966 https://github.com/radareorg/radare2/security/advisories/GHSA-r552-vp94-9358


Summary:


CVE-2020-15121: dev-util/radare2-3.5.0

Description:


[07/20/2020] In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current directory.

CatPkg:


dev-util/radare2

KitBranch:


dev-kit/1.4-release

labels:


security

AffectsVersions:


3.5.0

Facts:


https://github.com/radareorg/radare2/commit/04edfa82c1f3fa2bc3621ccdad2f93bdbf00e4f9 https://github.com/radareorg/radare2/issues/16945 https://github.com/radareorg/radare2/pull/16966 https://github.com/radareorg/radare2/security/advisories/GHSA-r552-vp94-9358


Summary:


CVE-2020-15121: dev-util/radare2-3.5.1

Description:


[07/20/2020] In radare2 before version 4.5.0, malformed PDB file names in the PDB server path cause shell injection. To trigger the problem it's required to open the executable in radare2 and run idpd to trigger the download. The shell code will execute, and will create a file called pwned in the current directory.

CatPkg:


dev-util/radare2

KitBranch:


dev-kit/1.4-release

labels:


security

AffectsVersions:


3.5.1

Facts:


https://github.com/radareorg/radare2/commit/04edfa82c1f3fa2bc3621ccdad2f93bdbf00e4f9 https://github.com/radareorg/radare2/issues/16945 https://github.com/radareorg/radare2/pull/16966 https://github.com/radareorg/radare2/security/advisories/GHSA-r552-vp94-9358


Summary:


CVE-2020-14001: dev-ruby/kramdown-1.17.0

Description:


[07/17/2020] The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such as template="/etc/passwd") or unintended embedded Ruby code execution (such as a string that begins with template="string://<%= `). NOTE: kramdown is used in Jekyll, GitLab Pages, GitHub Pages, and Thredded Forum.

CatPkg:


dev-ruby/kramdown

KitBranch:


ruby-kit/2.6-prime

labels:


security

AffectsVersions:


1.17.0

Facts:


https://github.com/gettalong/kramdown https://github.com/gettalong/kramdown/commit/1b8fd33c3120bfc6e5164b449e2c2fc9c9306fde https://github.com/gettalong/kramdown/compare/REL_2_2_1...REL_2_3_0 https://kramdown.gettalong.org https://kramdown.gettalong.org/news.html https://rubygems.org/gems/kramdown


Summary:


CVE-2020-15586: dev-lang/go-1.12.17

Description:


[07/17/2020] Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.

CatPkg:


dev-lang/go

KitBranch:


lang-kit/1.4-release

labels:


security

AffectsVersions:


1.12.17

Facts:


http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html https://groups.google.com/forum/#!topic/golang-announce/f2c5bqrGH_g https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCR6LAKCVKL55KJQPPBBWVQGOP7RL2RW/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WIRVUHD7TJIT7JJ33FKHIVTHPYABYPHR/ https://www.cloudfoundry.org/blog/cve-2020-15586/


Summary:


CVE-2020-14039: dev-lang/go-1.12.17

Description:


[07/17/2020] In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.

CatPkg:


dev-lang/go

KitBranch:


lang-kit/1.4-release

labels:


security

AffectsVersions:


1.12.17

Facts:


http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00077.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00082.html https://groups.google.com/forum/#!forum/golang-announce https://groups.google.com/forum/#!topic/golang-announce/XZNfaiwgt2w


Summary:


CVE-2020-15803: net-analyzer/zabbix-2.2.16

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


2.2.16

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-2.2.16

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


2.2.16

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-2.2.16

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


2.2.16

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-2.2.21

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


2.2.21

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-2.2.21

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


2.2.21

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-2.2.21

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


2.2.21

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-2.2.21

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


2.2.21

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-2.2.23

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


2.2.23

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-2.2.23

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


2.2.23

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-2.2.23

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


2.2.23

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-3.0.26

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


3.0.26

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-3.0.26

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


3.0.26

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-3.0.26

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


3.0.26

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-4.0.6

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


4.0.6

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-4.0.6

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


4.0.6

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-4.0.6

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


4.0.6

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-4.0.6

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


4.0.6

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-4.0.7

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


4.0.7

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-4.0.7

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


4.0.7

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-4.0.7

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


4.0.7

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-4.0.9

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


4.0.9

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-4.0.9

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


4.0.9

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-3.2.11

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


3.2.11

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-3.4.15

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


3.4.15

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057


Summary:


CVE-2020-15803: net-analyzer/zabbix-4.2.3

Description:


[07/17/2020] Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

CatPkg:


net-analyzer/zabbix

KitBranch:


net-kit/1.4-release

labels:


security

AffectsVersions:


4.2.3

Facts:


https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ZHHIUYIVA5GZYLKW6A5G6HRELPOBZFE/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TIRIMOXH6GSBAANDCB3ANLJK4CRLWRXT/ https://support.zabbix.com/browse/ZBX-18057