UBUNTU-CVE-2022-39289

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2022-39289

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-39289.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2022-39289

Related

CVE-2022-39289

Published

2022-10-07T21:15:00Z

Modified

2025-01-13T10:23:31Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

ZoneMinder is a free, open source Closed-circuit television software application. In affected versions the ZoneMinder API Exposes Database Log contents to user without privileges, allows insertion, modification, deletion of logs without System Privileges. Users are advised yo upgrade as soon as possible. Users unable to upgrade should disable database logging.

References

Affected packages

Ubuntu:Pro:16.04:LTS / zoneminder

Package

Name: zoneminder
Purl: pkg:deb/ubuntu/zoneminder@1.29.0+dfsg-1ubuntu2+esm1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.28.1-8

1.29.0+dfsg-1

1.29.0+dfsg-1ubuntu1

1.29.0+dfsg-1ubuntu2

1.29.0+dfsg-1ubuntu2+esm1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / zoneminder

Package

Name: zoneminder
Purl: pkg:deb/ubuntu/zoneminder@1.32.3-2ubuntu2?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.32.3-2build1

1.32.3-2ubuntu1

1.32.3-2ubuntu2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / zoneminder

Package

Name: zoneminder
Purl: pkg:deb/ubuntu/zoneminder@1.36.12+dfsg1-1?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.36.7+dfsg1-1

1.36.10+dfsg1-1

1.36.11+dfsg1-1

1.36.12+dfsg1-1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.10 / zoneminder

Package

Name: zoneminder
Purl: pkg:deb/ubuntu/zoneminder@1.36.33+dfsg1-1ubuntu1?arch=source&distro=oracular

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.36.33+dfsg1-1build4

1.36.33+dfsg1-1ubuntu1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:24.04:LTS / zoneminder

Package

Name: zoneminder
Purl: pkg:deb/ubuntu/zoneminder@1.36.33+dfsg1-1build4?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1.*

1.36.33+dfsg1-1build1

1.36.33+dfsg1-1build2

1.36.33+dfsg1-1build3

1.36.33+dfsg1-1build4

Ecosystem specific

{
    "ubuntu_priority": "medium"
}