CVE-2012-2147
EPSS 1.3%
Description
munin-cgi-graph in Munin 2.0 rc4 allows remote attackers to cause a denial of service (disk or memory consumption) via many image requests with large values in the (1) size_x or (2) size_y parameters.
How to fix CVE-2012-2147
To remediate CVE-2012-2147, upgrade the affected package to a fixed version below.
- Debian/munin—upgrade to 2.0~rc6-1 or later
Is CVE-2012-2147 being exploited?
Low — EPSS is 1.3%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 2.0~rc6-1