VYPR
Vendor

perfSONAR

Products
2
CVEs
8
Across products
8
Status
Private

Products

2

Recent CVEs

8
  • CVE-2018-12525MedJun 18, 2018
    risk 0.38cvss 5.3epss 0.07

    An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /images/ provides a directory listing.

  • CVE-2018-12524MedJun 18, 2018
    risk 0.38cvss 5.3epss 0.07

    An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /lib/ provides a directory listing.

  • CVE-2018-12523MedJun 18, 2018
    risk 0.38cvss 5.3epss 0.07

    An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /etc/ provides a directory listing.

  • CVE-2018-12522MedJun 18, 2018
    risk 0.38cvss 5.3epss 0.07

    An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /style/ provides a directory listing.

  • CVE-2022-41412Nov 30, 2022
    risk 0.07cvss epss 0.04

    An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks.

  • CVE-2022-41413Nov 30, 2022
    risk 0.03cvss epss 0.02

    perfSONAR v4.x <= v4.4.5 was discovered to contain a Cross-Site Request Forgery (CSRF) which is triggered when an attacker injects crafted input into the Search function.

  • CVE-2022-45213Jan 1, 2023
    risk 0.00cvss epss 0.01

    perfSONAR before 4.4.6 inadvertently supports the parse option for a file:// URL.

  • CVE-2022-45027Jan 1, 2023
    risk 0.00cvss epss 0.01

    perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address.