VDB
GMS-2022-7744
GMS-2022-7744
PUBLISHED
Prometheus vulnerable to basic authentication bypass
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | prometheus/prometheus/v2 | 2.24.1, 2.38.0 |
Timeline
- Dec 5, 2022 CVE Published
References
- https://github.com/prometheus/prometheus/security/advisories/GHSA-4v48-4q5m-8vx4 url
- https://github.com/prometheus/prometheus/commit/31a2db3ae9c0f4b486b6895973beabc1d1beac93 patch
- https://github.com/prometheus/prometheus/releases/tag/v2.37.4 url
- https://github.com/prometheus/prometheus/releases/tag/v2.40.4 url
- https://github.com/advisories/GHSA-4v48-4q5m-8vx4 advisory