FreeBSD: VID-587ED8AC-5957-11EF-854A-001E676BF734: OpenHAB CometVisu addon -- Multiple vulnerabilities
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:C/I:N/A:N) | 08/09/2024 | 08/13/2024 | 02/19/2025 |
Description
OpenHAB reports:
This patch release addresses the following security advisories:
SSRF/XSS (CometVisu) - GHSA-v7gr-mqpj-wwh3
Sensitive information disclosure (CometVisu) - GHSA-3g4c-hjhr-73rj
RCE through path traversal (CometVisu) - GHSA-f729-58x4-gqgf
Path traversal (CometVisu) - GHSA-pcwp-26pw-j98w
All of these are related to the CometVisu add-on for openHAB - if you are a user of CometVisu, we strongly recommend upgrading your system to openHAB 4.2.1 in order to fix those vulnerabilities.
Solution
freebsd-upgrade-package-openhab-addons