pkg:Maven/org.graylog2:graylog2-server

共 11 筆 CVEHIGH2MEDIUM5LOW3

✅ 檢查你的版本

所有已知漏洞

  • HIGH8.8CVE-2024-24824Graylog vulnerable to instantiation of arbitrary classes triggered by API request
    >= 2.0.0, < 5.1.11
  • HIGH8.0CVE-2025-46827Graylog Allows Session Takeover via Insufficient HTML Sanitization
    from 0, < 6.0.14
  • MEDIUM6.5CVE-2025-30373Graylog's Authenticated HTTP inputs ingest message even if Authorization header is missing or has wrong value
    >= 6.1.0, < 6.1.9
  • MEDIUM6.1CVE-2018-11651Cross-site Scripting in Graylog
    from 0, < 2.4.4
  • MEDIUM6.1CVE-2018-11650Cross-site Scripting in Graylog Server
    from 0, < 2.4.4
  • MEDIUM6.1CVE-2018-14380Cross-site Scripting in Graylog Server
    from 0, < 2.4.6
  • MEDIUM5.7CVE-2024-24823Graylog session fixation vulnerability through cookie injection
    >= 4.3.0, < 5.1.11
  • LOW3.7CVE-2023-41045Graylog vulnerable to insecure source port usage for DNS queries
    >= 5.1.0, < 5.1.3
  • LOW3.3CVE-2023-41044Graylog server has partial path traversal vulnerability in Support Bundle feature
    >= 5.1.0, < 5.1.3
  • LOW2.6CVE-2023-41041Graylog user session is still usable after logout
    >= 1.0, < 5.0.9
  • CVE-2025-53106Graylog vulnerable to privilege escalation through API tokens
    >= 6.2.0, < 6.2.4