| Release | Version |
|---|---|
| buster | 2.6.2-3+deb10u1 |
| bullseye | 2.8.2-2 |
| bookworm | 2.11.4-2+deb12u1 |
| trixie | 2.12.1-1 |
| sid | 2.12.1-1 |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2022-24715 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Icinga Web 2 is an open source monitoring web interface, framework and ... |
| CVE-2022-24714 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Icinga Web 2 is an open source monitoring web interface, framework and ... |
| CVE-2021-32747 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Icinga Web 2 is an open source monitoring web interface, framework, an ... |
| CVE-2021-32746 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Icinga Web 2 is an open source monitoring web interface, framework and ... |
| Bug | Description |
|---|---|
| CVE-2022-24716 | Icinga Web 2 is an open source monitoring web interface, framework and ... |
| CVE-2020-24368 | Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Director ... |
| CVE-2018-18250 | Icinga Web 2 before 2.6.2 allows parameters that break navigation dash ... |
| CVE-2018-18249 | Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives ... |
| CVE-2018-18248 | Icinga Web 2 has XSS via the /icingaweb2/monitoring/list/services dir ... |
| CVE-2018-18247 | Icinga Web 2 before 2.6.2 has XSS via the /icingaweb2/navigation/add i ... |
| CVE-2018-18246 | Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisabl ... |
| DSA / DLA | Description |
|---|---|
| DLA-2343-1 | icingaweb2 - security update |
| DSA-4747-1 | icingaweb2 - security update |