cacti vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the cacti package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
L CVE-2024-25641	*
L CVE-2024-27082	*
L CVE-2024-29894	*
L CVE-2024-34340	*
L CVE-2024-31460	*
L CVE-2024-31459	*
L CVE-2024-31445	*
L CVE-2024-31443	*
L CVE-2024-31444	*
L CVE-2024-31458	*
H SQL Injection	<1.2.2+ds1-2+deb10u6
M Cross-site Scripting (XSS)	<1.2.2+ds1-2+deb10u6
M Cross-site Scripting (XSS)	<1.2.2+ds1-2+deb10u6
H PHP Remote File Inclusion	<1.2.2+ds1-2+deb10u6
L Deserialization of Untrusted Data	*
M SQL Injection	<1.2.2+ds1-2+deb10u6
M Cross-site Scripting (XSS)	<1.2.2+ds1-2+deb10u6
M Open Redirect	<1.2.2+ds1-2+deb10u6
H Improper Input Validation	<1.2.2+ds1-2+deb10u6
H OS Command Injection	<1.2.2+ds1-2+deb10u6
M Cross-site Scripting (XSS)	<1.2.2+ds1-2+deb10u6
C SQL Injection	<1.2.2+ds1-2+deb10u6
M Cross-site Scripting (XSS)	<1.2.2+ds1-2+deb10u6
M Cross-site Scripting (XSS)	<1.2.2+ds1-2+deb10u6
L Incorrect Authorization	*
M Cross-site Scripting (XSS)	<0.8.7i-1
H Authorization Bypass Through User-Controlled Key	*
C OS Command Injection	<1.2.2+ds1-2+deb10u5
C Improper Authentication	<1.2.2+ds1-2+deb10u5
M Cross-site Scripting (XSS)	<0.8.7i-1
M Cross-site Scripting (XSS)	<1.2.1+ds1-1
M Cross-site Scripting (XSS)	<1.2.1+ds1-1
M Cross-site Scripting (XSS)	<1.2.2+ds1-2+deb10u5
H SQL Injection	<1.2.2+ds1-2+deb10u4
M Cross-site Scripting (XSS)	<1.2.2+ds1-2+deb10u5
M Cross-site Request Forgery (CSRF)	<1.2.2+ds1-2+deb10u3
M Improper Preservation of Permissions	<1.2.2+ds1-2+deb10u3
H OS Command Injection	<1.2.2+ds1-2+deb10u5
H OS Command Injection	<1.2.2+ds1-2+deb10u3
M Cross-site Scripting (XSS)	<1.2.2+ds1-2+deb10u3
L Improper Input Validation	*
H Out-of-bounds Write	<1.2.2+ds1-2+deb10u2
M SQL Injection	<1.2.2+ds1-2+deb10u2
M Authorization Bypass Through User-Controlled Key	<1.2.2+ds1-2+deb10u2
L Cross-site Scripting (XSS)	<1.2.2+ds1-2
L Cross-site Scripting (XSS)	<1.2.1+ds1-1
L Cross-site Scripting (XSS)	<1.2.1+ds1-1
L Cross-site Scripting (XSS)	<1.2.1+ds1-1
L Cross-site Scripting (XSS)	<1.2.1+ds1-1
L Cross-site Scripting (XSS)	<1.1.37+ds1-1
M Cross-site Scripting (XSS)	<1.1.37+ds1-1
L Cross-site Scripting (XSS)	<1.1.37+ds1-1
H Access Restriction Bypass	<0.8.8h+ds1-5
L Arbitrary Code Injection	<0.8.8e+ds1-1
M Cross-site Scripting (XSS)	<1.1.27+ds1-3
M Information Exposure	<1.1.27+ds1-3
H Exposure of Resource to Wrong Sphere	<1.1.27+ds1-3
H OS Command Injection	<1.1.27+ds1-3
M Cross-site Scripting (XSS)	<1.1.25+ds1-1
M Cross-site Scripting (XSS)	<1.1.18+ds1-1
M Cross-site Scripting (XSS)	<1.1.17+ds1-2
C CVE-2017-12065	<1.1.16+ds1-1
M Cross-site Scripting (XSS)	<1.1.16+ds1-1
M Cross-site Scripting (XSS)	<1.1.15+ds1-1
M Cross-site Scripting (XSS)	<0.8.8b+dfsg-6
H SQL Injection	<0.8.8e+ds1-1
M Cross-site Scripting (XSS)	<1.1.12+ds1-1
M Cross-site Scripting (XSS)	<1.1.12+ds1-1
H Access Restriction Bypass	<0.8.8g+ds1-1
H SQL Injection	<0.8.8g+ds1-2
H SQL Injection	<0.8.8f+ds1-4
H SQL Injection	<0.8.8h+ds1-1
H SQL Injection	<0.8.8f+ds1-3
M SQL Injection	<0.8.8f+ds1-4
H SQL Injection	<0.8.8e+ds1-1
M Cross-site Scripting (XSS)	<0.8.8d+ds1-1
M Cross-site Scripting (XSS)	<0.8.8d+ds1-1
H SQL Injection	<0.8.8d+ds1-1
H SQL Injection	<0.8.8d+ds1-1
M SQL Injection	<0.8.6f-1
L Cross-site Scripting (XSS)	<0.8.8b+dfsg-7
L Cross-site Scripting (XSS)	<0.8.8b+dfsg-7
H SQL Injection	<0.8.8b+dfsg-8
H Arbitrary Code Injection	<0.8.8b+dfsg-8
M Cross-site Scripting (XSS)	<0.8.8b+dfsg-6
M CVE-2014-2328	<0.8.8b+dfsg-4
H CVE-2014-2709	<0.8.8b+dfsg-4
M Cross-site Request Forgery (CSRF)	<0.8.8b+dfsg-6
H SQL Injection	<0.8.8b+dfsg-4
M Cross-site Scripting (XSS)	<0.8.8b+dfsg-4
H SQL Injection	<0.8.8b+dfsg-3
M Cross-site Scripting (XSS)	<0.8.8b+dfsg-3
H SQL Injection	<0.8.8b+dfsg-1
H Arbitrary Code Injection	<0.8.8b+dfsg-1
L Cross-site Scripting (XSS)	<0.8.7i-1
H SQL Injection	<0.8.7i-1
M Improper Input Validation	<0.8.7g-1
M Cross-site Scripting (XSS)	<0.8.7g-1
M Cross-site Scripting (XSS)	<0.8.7g-1
M Cross-site Scripting (XSS)	<0.8.7g-1
M Cross-site Scripting (XSS)	<0.8.7g-1
H SQL Injection	<0.8.7e-4
H SQL Injection	<0.8.7e-3
L Access Restriction Bypass	<1.2.1+ds1-1
L Cross-site Scripting (XSS)	<0.8.7e-1.1
L SQL Injection	<0.8.7b-1
L Cross-site Scripting (XSS)	<0.8.7b-1
L Information Exposure	<0.8.7b-1
M Arbitrary Code Injection	<0.8.7b-1
M SQL Injection	<0.8.7a-1
L CVE-2007-3112	<0.8.6j-1.1
L CVE-2007-3113	<0.8.6j-1.1
H CVE-2006-6799	<0.8.6i-3
M Cross-site Scripting (XSS)	<0.8.6d-1
M CVE-2006-0410	<0.8.6d-1
M SQL Injection	<0.8.6d-1
M CVE-2006-0147	<0.8.6d-1
H CVE-2005-2149	<0.8.6f-1
H CVE-2005-2148	<0.8.6f-1
H CVE-2005-1525	<0.8.6e-1
H CVE-2005-1524	<0.8.6e-1
H CVE-2005-1526	<0.8.6e-1
M CVE-2004-1736	<0.8.5a-5
H CVE-2004-1737	<0.8.5a-5
H CVE-2002-1477	<0.6.8a-2
C CVE-2002-1478	<0.6.8a-2
M CVE-2002-1479	<0.6.8-1