Prometheus Blackbox Exporter
By the Year
In 2024 there have been 0 vulnerabilities in Prometheus Blackbox Exporter . Last year Blackbox Exporter had 1 security vulnerability published. Right now, Blackbox Exporter is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.50 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 5.80 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Blackbox Exporter vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Prometheus Blackbox Exporter Security Vulnerabilities
blackbox_exporter v0.23.0 was discovered to contain an access control issue in its probe interface
CVE-2023-26735
7.5 - High
- April 26, 2023
blackbox_exporter v0.23.0 was discovered to contain an access control issue in its probe interface. This vulnerability allows attackers to detect intranet ports and services, as well as download resources. NOTE: this is disputed by third parties because authentication can be configured.
XSPA
Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF
CVE-2020-16248
5.8 - Medium
- August 09, 2020
Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this might plausibly be interpreted as both intended functionality and also a vulnerability
XSPA
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Prometheus Blackbox Exporter or by Prometheus? Click the Watch button to subscribe.
