Lucene search
GitHub Advisory DatabaseGHSA-37X5-QPM8-53RQHistoryOct 16, 2023 - 12:33 p.m.
Google Sheets data source plugin for Grafana information disclosure vulnerability
2023-10-1612:33:36
CWE-209
GitHub Advisory Database
github.com
4
grafana
google sheets
plugin
information disclosure
vulnerability
api-key
data source
version 1.2.2
software
0.001 Low
EPSS
Percentile
36.5%
Grafana is an open-source platform for monitoring and observability.
The Google Sheets data source plugin for Grafana, versions 0.9.0 to 1.2.2 are vulnerable to an information disclosure vulnerability.
The plugin did not properly sanitize error messages, making it potentially expose the Google Sheet API-key that is configured for the data source.
This vulnerability was fixed in version 1.2.2.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/grafana/google-sheets-datasource | ge | 0.9.0 | |
| github.com/grafana/google-sheets-datasource | lt | 1.2.2 |
Related
osv
osv
Google Sheets data source plugin for Grafana information disclosure vulnerability
2023-10-16 12:33:36
CVE-2023-4457
2023-10-16 10:15:12
veracode
veracode
Information Disclosure
2023-10-23 10:42:25
cvelist
cvelist
CVE-2023-4457
2023-10-16 09:45:46
prion
prion
Information disclosure
2023-10-16 10:15:00
cve
cve
CVE-2023-4457
2023-10-16 10:15:12
redos
redos
ROS-20240403-14
2024-04-03 00:00:00
ROS-20240403-01
2024-04-03 00:00:00