Security: Icinga/icinga2
Security
No security policy detected
This project has not set up a SECURITY.md file yet.
-
TLS Certificate Validation Bypass for JSON-RPC and HTTP API ConnectionsGHSA-j7wq-r9mg-9wpv published
Nov 12, 2024 by julianbrostCritical -
Missing TLS server certificate validation in ElasticsearchWriter, GelfWriter, InfluxdbWriter and Influxdb2WriterGHSA-cxfm-8j5v-5qr2 published
Aug 19, 2021 by N-o-XLow -
Passwords used to access external services inadvertently exposed through APIGHSA-wrpw-pmr8-qgj7 published
Jul 15, 2021 by julianbrostModerate -
Results of queries for ApiListener objects include the ticket salt which allows in turn to steal (more privileged) identitiesGHSA-98wp-jc6q-x5q5 published
Jul 15, 2021 by julianbrostHigh -
Revoked certificates due for renewal will automatically be renewed ignoring the CRLGHSA-pcmr-2p2f-r7j6 published
Dec 15, 2020 by N-o-XLow
Learn more about advisories related to Icinga/icinga2 in the GitHub Advisory Database