unifi-docker icon indicating copy to clipboard operation
unifi-docker copied to clipboard

Published 20 hours ago verified publisher icon jacobalberty

PSA: Security Bulletin for apps <8.1.113

Open GAMERTECH opened this issue 10 months ago • 2 comments

Ubiquiti have published a CVSS 9.1 exploit warning for self-hosted installs 8.0.28 and earlier.

It requires the attacker to have admin credentials, so not 'too' bad, but grants full root access to the hosting device.

Patch ASAP

https://community.ui.com/releases/Security-Advisory-Bulletin-038-038/9d13fead-47de-4372-b2c1-745b8d6b0399

GAMERTECH avatar Mar 25 '24 23:03 GAMERTECH

Hello, the v8.1.113 release has been available since March 22nd : https://github.com/jacobalberty/unifi-docker/releases/tag/v8.1.113 As I understand it, this release includes the CVE fix.

josephpage avatar Apr 04 '24 18:04 josephpage

Think you've misunderstood. This is a PSA to users of this project to update to the latest image from this project.

GAMERTECH avatar Apr 04 '24 21:04 GAMERTECH

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.

github-actions[bot] avatar May 05 '24 01:05 github-actions[bot]