Security Advisories
Release Date 2nd March 2022. Overview In some circumstances a encrypted version of the footage cloud backup data encryption key can be logged to the inte...
Mon, 14 Mar, 2022 at 5:46 PM
Release Date 14th March 2022. Overview Under specific video streaming circumstances the Aware instance serial number may be leaked during the Ava Smart P...
Mon, 14 Mar, 2022 at 5:46 PM
Release Date 14th March 2022. Overview Any authenticated Ava Aware user could view live video and view historic video from any camera in the deployment r...
Mon, 14 Mar, 2022 at 5:46 PM
Release Date 14th March 2022. Overview An authenticated Ava Aware user with the permission to delete counting areas could delete associated count rules w...
Mon, 14 Mar, 2022 at 5:45 PM
Release Date 22th December 2021. Overview Under specific circumstances, our web service was configured to display detailed error messages. This could hav...
Tue, 1 Feb, 2022 at 10:00 PM
Release Date 22nd December 2021. Overview Under specific circumstances Internal IP addresses could be disclosed by sending a crafted request. Affected ...
Tue, 1 Feb, 2022 at 9:59 PM
Release Date 13th January 2021. Overview Due to a vulnerability in the golang.org/x/net/http2 package, an attacker could cause unbounded memory usage whi...
Wed, 12 Jan, 2022 at 2:28 PM
Release Date 17th December 2021. Overview Webhook passwords were included in the Camera log bundle. Affected Products Ava Cameras: All Stable upgrade...
Fri, 17 Dec, 2021 at 7:36 PM
Release Date 17th December 2021. Overview Creating or updating a webhook with a password in Ava Aware would cause the password to appear in the audit log...
Fri, 17 Dec, 2021 at 7:34 PM
Release Date 17th December 2021. Overview The service account key for Disruptive Technologies could be retrieved using
the Ava Aware API and could be vi...
Fri, 17 Dec, 2021 at 7:33 PM