rpm package
opensuse/monit&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/monit&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-7067 | Med | 6.5 | < 5.20.0-1.1 | 5.20.0-1.1 | Sep 10, 2018 | Monit before version 5.20.0 is vulnerable to a cross site request forgery attack. Successful exploitation will enable an attacker to disable/enable all monitoring for a particular host or disable/enable monitoring for a specific service. | |
| CVE-2014-3566 | Low | 3.4 | < 5.20.0-1.1 | 5.20.0-1.1 | Oct 15, 2014 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. |
- affected < 5.20.0-1.1fixed 5.20.0-1.1
Monit before version 5.20.0 is vulnerable to a cross site request forgery attack. Successful exploitation will enable an attacker to disable/enable all monitoring for a particular host or disable/enable monitoring for a specific service.
- affected < 5.20.0-1.1fixed 5.20.0-1.1
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.