All errata/p10_e2k/ALT-PU-2024-12602-1
ALT-PU-2024-12602-1

Package update zoneminder in branch p10_e2k

Version1.36.34-alt1
Task#0
Published2024-09-12
Max severityCRITICAL
Severity:

Closed issues (3)

CVE-2024-43358
MEDIUM6.1

ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filter[Id]. This vulnerability is fixed in 1.36.34 and 1.37.61.

Published: 2024-08-12Modified: 2024-09-04
CVSS 3.xMEDIUM 6.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References
CVE-2024-43359
MEDIUM6.1

ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the montagereview via the displayinterval, speed, and scale parameters. This vulnerability is fixed in 1.36.34 and 1.37.61.

Published: 2024-08-12Modified: 2024-09-04
CVSS 3.xMEDIUM 6.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References
CVE-2024-43360
CRITICAL9.8

ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder is affected by a time-based SQL Injection vulnerability. This vulnerability is fixed in 1.36.34 and 1.37.61.

Published: 2024-08-12Modified: 2024-09-04
CVSS 3.xCRITICAL 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References