munin-monitoring/munin

munin-monitoring/munin

munin-monitoring.org

Releases378

Frequency3 weeks 14 hours

Last Release about 1 month ago

Stars2.13K

Main repository for munin master / node / plugins

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2017-6188 ↗	Feb 22, 2017Wednesday, 22 February 2017, 19:59	5.5 MEDIUM	1.9 LOW
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upper_limit GET parameters allows overwriting any file accessible to the www-data user.
CVE-2013-6359 ↗	Dec 13, 2013Friday, 13 December 2013, 18:55	—	4.3 MEDIUM
Munin::Master::Node in Munin before 2.0.18 allows remote attackers to cause a denial of service (abort data collection for node) via a plugin that uses "multigraph" as a multigraph service name.
CVE-2013-6048 ↗	Dec 13, 2013Friday, 13 December 2013, 18:55	—	5 MEDIUM
The get_group_tree function in lib/Munin/Master/HTMLConfig.pm in Munin before 2.0.18 allows remote nodes to cause a denial of service (infinite loop and memory consumption in the munin-html process) via crafted multigraph data.