VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 13, 2013· Updated Apr 29, 2026

CVE-2013-6048

CVE-2013-6048

Description

The get_group_tree function in lib/Munin/Master/HTMLConfig.pm in Munin before 2.0.18 allows remote nodes to cause a denial of service (infinite loop and memory consumption in the munin-html process) via crafted multigraph data.

Affected products

19
  • Munin Monitoring/Munin19 versions
    cpe:2.3:a:munin-monitoring:munin:*:*:*:*:*:*:*:*+ 18 more
    • cpe:2.3:a:munin-monitoring:munin:*:*:*:*:*:*:*:*range: <=2.0.17
    • cpe:2.3:a:munin-monitoring:munin:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.10:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.11.1:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.12:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.13:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.15:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.16:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:munin-monitoring:munin:2.0.9:*:*:*:*:*:*:*

Patches

1
284d7402718d
https://github.com/munin-monitoring/muninvia nvd-ref
commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

4

News mentions

0

No linked articles in our index yet.