Lucene search

Grafana -- Critical vulnerability in golang

🗓️ 19 Apr 2023 00:00:00Reported by FreeBSDType

Critical vulnerability in golang. Issue with backticks and Javascript injectio

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 199
GithubExploit	Exploit for Code Injection in Golang Go	29 Sep 202317:18	–	githubexploit
GithubExploit	Exploit for Code Injection in Golang Go	29 Sep 202308:09	–	githubexploit
OSV	CGA-99RP-9WFQ-28X2	6 Jun 202412:25	–	osv
OSV	CVE-2023-24538	6 Apr 202316:15	–	osv
OSV	CGA-RW9W-25PP-V4R4	6 Jun 202412:29	–	osv
OSV	Backticks not treated as string delimiters in html/template	5 Apr 202321:05	–	osv
OSV	CGA-X5Q8-XF38-2FVW	6 Jun 202412:26	–	osv
OSV	CGA-GFVM-PG6M-9626	6 Jun 202412:25	–	osv
OSV	BIT-golang-2023-24538	6 Mar 202410:56	–	osv
OSV	OPENSUSE-SU-2024:12845-1 go1.19-1.19.8-1.1 on GA media	15 Jun 202400:00	–	osv

Source	Link
grafana	www.grafana.com/blog/2023/04/26/precautionary-patches-for-grafana-released-following-critical-go-vulnerability-cve-2023-24538/

OS	OS Version	Architecture	Package	Package Version	Filename
FreeBSD	any	noarch	grafana	8.5.24	UNKNOWN
FreeBSD	any	noarch	grafana8	8.5.24	UNKNOWN
FreeBSD	any	noarch	grafana9	9.2.17	UNKNOWN

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

19 Apr 2023 00:00Current

9.8High risk

Vulners AI Score9.8

CVSS39.8

EPSS0.00477

SSVC