Nixpkgs security tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: perlPackages.MonitoringPlugin

Found 1 matching suggestions

View:
Compact
Detailed
Dismissed
(not in Nixpkgs)
Permalink CVE-2026-32771
updated 2 months ago by @LeSuisse Activity log
  • Created suggestion 2 months ago
  • @LeSuisse dismissed (not in Nixpkgs) 2 months ago
Monitoring is vulnerable to Archive Slip due to missing checks in sanitization

The CTFer.io Monitoring component is in charge of the collection, process and storage of various signals (i.e. logs, metrics and distributed traces). In versions prior to 0.2.2, the sanitizeArchivePath function in pkg/extract/extract.go (lines 248–254) is vulnerable to Path Traversal due to a missing trailing path separator in the strings.HasPrefix check. The extractor allows arbitrary file writes (e.g., overwriting shell configs, SSH keys, kubeconfig, or crontabs), enabling RCE and persistent backdoors. The attack surface is further amplified by the default ReadWriteMany PVC access mode, which lets any pod in the cluster inject a malicious payload. This issue has been fixed in version 0.2.2.

Affected products

monitoring
  • ==< 0.2.2

Matching in nixpkgs

pkgs.perlPackages.MonitoringPlugin

A family of perl modules to streamline writing Naemon, Nagios, Icinga or Shinken (and compatible) plugins

  • nixos-unstable 0.40
    • nixpkgs-unstable 0.40
    • nixos-unstable-small 0.40
  • nixos-25.11 0.40
    • nixos-25.11-small 0.40
    • nixpkgs-25.11-darwin 0.40

pkgs.perl5Packages.MonitoringPlugin

A family of perl modules to streamline writing Naemon, Nagios, Icinga or Shinken (and compatible) plugins

  • nixos-unstable 0.40
    • nixpkgs-unstable 0.40
    • nixos-unstable-small 0.40

Package maintainers