perfSONAR
Products
2- 4 CVEs
- 4 CVEs
Recent CVEs
8| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-12525 | Med | 0.38 | 5.3 | 0.07 | Jun 18, 2018 | An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /images/ provides a directory listing. | ||
| CVE-2018-12524 | Med | 0.38 | 5.3 | 0.07 | Jun 18, 2018 | An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /lib/ provides a directory listing. | ||
| CVE-2018-12523 | Med | 0.38 | 5.3 | 0.07 | Jun 18, 2018 | An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /etc/ provides a directory listing. | ||
| CVE-2018-12522 | Med | 0.38 | 5.3 | 0.07 | Jun 18, 2018 | An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /style/ provides a directory listing. | ||
| CVE-2022-41412 | 0.07 | — | 0.04 | Nov 30, 2022 | An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks. | |||
| CVE-2022-41413 | 0.03 | — | 0.02 | Nov 30, 2022 | perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function. | |||
| CVE-2022-45213 | 0.00 | — | 0.01 | Jan 1, 2023 | perfSONAR before 4.4.6 inadvertently supports the parse option for a file:// URL. | |||
| CVE-2022-45027 | 0.00 | — | 0.01 | Jan 1, 2023 | perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address. |
- risk 0.38cvss 5.3epss 0.07
An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /images/ provides a directory listing.
- risk 0.38cvss 5.3epss 0.07
An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /lib/ provides a directory listing.
- risk 0.38cvss 5.3epss 0.07
An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /etc/ provides a directory listing.
- risk 0.38cvss 5.3epss 0.07
An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /style/ provides a directory listing.
- CVE-2022-41412Nov 30, 2022risk 0.07cvss —epss 0.04
An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks.
- CVE-2022-41413Nov 30, 2022risk 0.03cvss —epss 0.02
perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function.
- CVE-2022-45213Jan 1, 2023risk 0.00cvss —epss 0.01
perfSONAR before 4.4.6 inadvertently supports the parse option for a file:// URL.
- CVE-2022-45027Jan 1, 2023risk 0.00cvss —epss 0.01
perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address.