Aggregates CVE and security vulnerability intelligence across all smokeping-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk cross-site scripting and vendor risk denial of service, with potential vendor impact session compromise across vendor surface software deployment use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2017-20147 | In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript uses a PID file that is writable by the smokeping user. By writing arbitrary PIDs to that file, the smokeping user can cause a denial of service to arbitrary PIDs when the service is stopped. | [email protected] | 6.5 | 0.83% | 2022-09-20 | 2025-05-29 |
| CVE-2016-20015 | In the ebuild package through smokeping-2.7.3-r1 for SmokePing on Gentoo, the initscript allows the smokeping user to gain ownership of any file, allowing for the smokeping user to gain root privileges. There is a race condition involving /var/lib/smokeping and chown. | [email protected] | 7.5 | 0.55% | 2022-09-20 | 2025-05-29 |
| CVE-2013-4158 | smokeping before 2.6.9 has XSS (incomplete fix for CVE-2012-0790) | [email protected] | 6.1 | 1.25% | 2019-12-11 | 2024-11-21 |
| CVE-2013-4168 | Cross-site scripting (XSS) vulnerability in SmokePing 2.6.9 in the start and end time fields. | [email protected] | 6.1 | 1.07% | 2019-11-01 | 2024-11-21 |