Upgrade Amazon-Linux:2 kernel-debuginfo-common-aarch64 to version 0:4.14.268-205.500.amzn2 or higher. This issue was patched in ALAS2-2022-1761 .

tribe29/checkmk vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the https://github.com|tribe29/checkmk package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Insertion of Sensitive Information into Log File	[2.0.0,2.3.0p7)
M Improper Restriction of Excessive Authentication Attempts	[,2.3.0b5)
M Acceptance of Extraneous Untrusted Data With Trusted Data	[,2.3.0b5-rc1)
H Improper Preservation of Permissions	[,2.1.0p40)[2.2.0-rc1,2.2.0p23)
M Insertion of Sensitive Information into Log File	[,2.0.0p36)[2.1.0p0,2.1.0p27)[2.2.0b0,2.2.0b7)
H Uncontrolled Search Path Element	[,2.2.0p17)
L Cross-Site Request Forgery (CSRF)	[,2.2.0p15-rc1)
H Improper Neutralization of Delimiters	[,2.2.0p15-rc1)
H Improper Neutralization of Delimiters	[,2.2.0p15-rc1)
M Information Exposure	[2.1.0,2.1.0p28)[2.2.0-rc1,2.2.0b8)
H Privilege Escalation	[,1.6.0p29)[2.0.0,2.0.0p25)[2.1.0,2.1.0b10)
M Improper Input Validation	[,1.2.2][1.2.2,1.2.4)
M Cross-site Request Forgery (CSRF)	[,1.2.2][1.2.2,1.2.4)
M Cross-site Scripting (XSS)	[,1.4.0]
L Cross-site Scripting (XSS)	[,1.2.4p4)[1.2.54,1.2.5i4)
M Information Exposure	[,1.4.0)
H Remote Code Execution (RCE)	[,1.2.5)
M Access Restriction Bypass	[,1.2.5)
H Remote Code Execution (RCE)	[,1.6.0)
M Symlink Attack	[,1.2.6)
L Cross-site Scripting (XSS)	[,1.2.2][1.2.2,1.2.4)
H Remote Code Execution (RCE)	[,1.2.2][1.2.2,1.2.4)
M Cross-site Scripting (XSS)	[,1.2.8p25)[1.4.09,1.4.0p9)[1.5.01,1.5.0i1)