CVE-2013-6048
Munin < 2.0.18 - Denial of Service via Crafted Multigraph Data
Title source: llmDescription
The get_group_tree function in lib/Munin/Master/HTMLConfig.pm in Munin before 2.0.18 allows remote nodes to cause a denial of service (infinite loop and memory consumption in the munin-html process) via crafted multigraph data.
References (4)
Core 4
Core References
Various Sources x_refsource_confirm
https://github.com/munin-monitoring/munin/blob/2.0.18/ChangeLog
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2013/dsa-2815
Vendor Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2090-1
Patch x_refsource_confirm
https://github.com/munin-monitoring/munin/commit/284d7402718d98fcf10cee565415939882abab99
Scores
EPSS
0.0250
EPSS Percentile
82.7%
Details
CWE
CWE-20
Status
published
Products (19)
munin-monitoring/munin
2.0.0
munin-monitoring/munin
2.0.1
munin-monitoring/munin
2.0.2
munin-monitoring/munin
2.0.3
munin-monitoring/munin
2.0.4
munin-monitoring/munin
2.0.5
munin-monitoring/munin
2.0.6
munin-monitoring/munin
2.0.7
munin-monitoring/munin
2.0.8
munin-monitoring/munin
2.0.9
... and 9 more
Published
Dec 13, 2013
Tracked Since
Feb 18, 2026