CVE-2022-0730: Under certain ldap conditions, Cacti authentication can be bypassed with certain credential types. And from 1.2.20 (unreleased) changelog, "security: Resolve issues with XSS issues in color_template. Thanks @M0rphling"
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7527905c4777bb0c1afe4336bfd963a269463722 commit 7527905c4777bb0c1afe4336bfd963a269463722 Author: Sam James <sam@gentoo.org> AuthorDate: 2022-05-16 07:02:43 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-05-16 19:56:40 +0000 net-analyzer/cacti-spine: add 1.2.20 Bug: https://bugs.gentoo.org/834597 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/cacti-spine/Manifest | 1 + net-analyzer/cacti-spine/cacti-spine-1.2.20.ebuild | 45 ++++++++++++++++++++++ 2 files changed, 46 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=af9acbd6e910d2487d82d3415c1fc01005b5872d commit af9acbd6e910d2487d82d3415c1fc01005b5872d Author: Sam James <sam@gentoo.org> AuthorDate: 2022-05-16 06:53:01 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-05-16 19:56:39 +0000 net-analyzer/cacti: add 1.2.20 Bug: https://bugs.gentoo.org/834597 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/cacti/Manifest | 1 + net-analyzer/cacti/cacti-1.2.20.ebuild | 49 ++++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+)
Please cleanup
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=93382242ad7ed5613f96fc7ca73964f97e49a38f commit 93382242ad7ed5613f96fc7ca73964f97e49a38f Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-12-07 08:56:20 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-12-07 08:56:35 +0000 [ GLSA 202412-02 ] Cacti: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/823788 Bug: https://bugs.gentoo.org/834597 Bug: https://bugs.gentoo.org/884799 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202412-02.xml | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+)