grafana security update

🗓️ 29 May 2024 00:00:00Reported by OracleLinuxType

Security update for Grafana version 9.2.10-16, includes fix for OrdID deletion and CVE-2024-1313 and CVE-2024-1394 vulnerabilities

Reporter	Title	Published	Views	Family All 406
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Node.js, Golang Go, HTTP/2, NGINX, OpenSSH, Linux kernel might affect IBM Spectrum Protect Plus	4 Feb 202518:15	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Storage Ceph is vulnerable to Authorization Bypass in Grafana (CVE-2024-1313)	29 Jul 202521:04	–	ibm
IBM Security Bulletins	Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to protobuf-go, libcurl, libexpat, Java SE, IBM GSKit-Crypto, open redirect, buffer overflow condition and golang-fips/openssl vulnerabilities.	30 Apr 202407:19	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in Golang Affect IBM Cloud Pak System	4 Feb 202518:15	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Go	5 Jun 202420:27	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson CP4D Data Stores is vulnerable to Golang golang-fips/openssl denial of service vulnerabilitiy( CVE-2024-1394 )	28 Jan 202522:08	–	ibm
Tenable Nessus	Alibaba Cloud Linux 3 : 0082: go-toolset:an8 (ALINUX3-SA-2024:0082)	14 May 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0096: grafana (ALINUX3-SA-2024:0096)	14 May 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0113: grafana-pcp (ALINUX3-SA-2024:0113)	14 May 202500:00	–	nessus
Tenable Nessus	Alibaba Cloud Linux 3 : 0164: container-tools:rhel8 (ALINUX3-SA-2024:0164)	14 May 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
oracle linux	8	src	grafana	9.2.10-16.el8_10	grafana-9.2.10-16.el8_10.src.rpm
oracle linux	8	aarch64	grafana	9.2.10-16.el8_10	grafana-9.2.10-16.el8_10.aarch64.rpm
oracle linux	8	aarch64	grafana-selinux	9.2.10-16.el8_10	grafana-selinux-9.2.10-16.el8_10.aarch64.rpm
oracle linux	8	src	grafana	9.2.10-16.el8_10	grafana-9.2.10-16.el8_10.src.rpm
oracle linux	8	x86_64	grafana	9.2.10-16.el8_10	grafana-9.2.10-16.el8_10.x86_64.rpm
oracle linux	8	x86_64	grafana-selinux	9.2.10-16.el8_10	grafana-selinux-9.2.10-16.el8_10.x86_64.rpm

29 May 2024 00:00Current

7.3High risk

Vulners AI Score7.3

CVSS 3.17.5

EPSS0.01379

SSVC