org.graylog2:graylog2-server vulnerabilities

Published: 11 years ago Last updated: 20 days ago Latest version: 7.0.0 Latest non-vulnerable version: 7.0.0

License

SSPL-1.0[4.0.0,);

GPL-3.0[0.20.0-rc.1-1,4.0.0);

Known vulnerabilities in the org.graylog2:graylog2-server package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
H Improper Authorization	[6.2.0,6.2.4)
M Cross-site Scripting (XSS)	[,6.2.0)
H Cross-site Scripting (XSS)	[,6.0.14)[6.1.0,6.1.10)
M Authentication Bypass Using an Alternate Path or Channel	[6.1.0,6.1.9)
H Information Exposure	[6.1.0,6.1.2)
M Session Fixation	[4.3.0,5.1.11)[5.2.0-alpha.1,5.2.4)
H Improper Access Control	[2.0.0,5.1.11)[5.2.0-alpha.1,5.2.4)
M Insecure Randomness	[,5.0.9)[5.1.0,5.1.3)
M Directory Traversal	[5.1.0,5.1.3)
M Insufficient Session Expiration	[1.0,5.0.9)[5.1.0,5.1.3)
M Directory Traversal	[0,4.0.0-beta.1)
H Improper Certificate Validation	[0,3.3.3)
M Cross-site Scripting (XSS)	[,2.4.4)
M Cross-site Scripting (XSS)	[,2.4.4)

336 VERSIONS IN TOTAL See all versions