Lucene search

Basic search
Lucene search
Search by product

Database

Vendors

GoogleOSV:OPENSUSE-SU-2024:12723-1

HistoryJun 15, 2024 - 12:00 a.m.

Vulners
/
Osv
/
grafana-9.3.6-1.1 on GA media

grafana-9.3.6-1.1 on GA media

2024-06-1500:00:00

Google

osv.dev

grafana

security

opensuse

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

Low

EPSS

0.012

Percentile

85.4%

JSON

These are all security issues fixed in the grafana-9.3.6-1.1 package on the GA media of openSUSE Tumbleweed.

References

www.suse.com/security/cve/CVE-2020-7753

www.suse.com/security/cve/CVE-2021-3807

www.suse.com/security/cve/CVE-2021-3918

www.suse.com/security/cve/CVE-2021-43138

www.suse.com/security/cve/CVE-2022-0155

www.suse.com/security/cve/CVE-2022-27664

www.suse.com/security/cve/CVE-2022-32149

nessus 27

openvas 14

ibm 30

nvd 5

veracode 6

cvelist 5

github 4

debiancve 5

prion 6

redhatcve 6

cve 6

osv 34

nodejs 1

redhat 4

cbl_mariner 19

huntr 4

alpinelinux 1

cgr 3

ubuntucve 4

gitlab 3

wolfi 2

debian 1

mageia 1

suse 3

ubuntu 1

cnvd 1

hackerone 1

almalinux 2

nessus

SUSE SLES15 / openSUSE 15 Security Update : SUSE Manager Client Tools (SUSE-SU-2024:0487-1)

2024-02-17 00:00:00

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : SUSE Manager Client Tools (SUSE-SU-2023:2575-1)

2023-06-22 00:00:00

SUSE SLES15 / openSUSE 15 Security Update : SUSE Manager Client Tools (SUSE-SU-2023:2578-1)

2023-06-22 00:00:00

openvas

SUSE: Security Advisory (SUSE-SU-2023:2578-1)

2023-06-22 00:00:00

Ubuntu: Security Advisory (USN-6103-1)

2023-05-25 00:00:00

SUSE: Security Advisory (SUSE-SU-2022:0563-1)

2022-02-25 00:00:00

ibm

Security Bulletin: Multiple vulnerabilities affect IBM Db2® REST

2023-04-18 16:23:21

Security Bulletin: Vulnerability in async opensource package affects IBM VM Recovery Manager HA & DR GUI

2022-07-20 16:54:39

Security Bulletin: IBM Storage Ceph is vulnerable to Prototype Pollution in Grafana (CVE-2021-43138)

2024-07-08 20:28:01

nvd

CVE-2021-43138

2022-04-06 17:15:08

CVE-2022-32149

2022-10-14 15:15:34

CVE-2020-7753

2020-10-27 09:15:12

veracode

Prototype Pollution

2022-04-07 04:36:10

Denial Of Service (DoS)

2022-10-17 01:29:49

Regular Expression Denial Of Service (ReDoS)

2020-10-28 00:28:18

cvelist

CVE-2021-43138

2022-04-06 00:00:00

CVE-2020-7753 Regular Expression Denial of Service (ReDoS)

2020-10-27 08:15:15

CVE-2022-32149 Denial of service via crafted Accept-Language header in golang.org/x/text/language

2022-10-14 00:00:00

github

Prototype Pollution in async

2022-04-07 00:00:17

Regular Expression Denial of Service in trim

2021-05-10 18:44:22

golang.org/x/text/language Denial of service via crafted Accept-Language header

2022-10-14 19:00:40

debiancve

CVE-2021-43138

2022-04-06 17:15:08

CVE-2022-32149

2022-10-14 15:15:34

CVE-2021-3918

2021-11-13 09:15:06

prion

Design/Logic Flaw

2022-04-06 17:15:00

Design/Logic Flaw

2020-10-27 09:15:00

Code injection

2022-10-14 15:15:00

redhatcve

CVE-2021-43138

2022-09-13 08:13:03

CVE-2020-7753

2022-12-01 16:26:06

CVE-2022-32149

2022-10-13 15:00:26

cve

CVE-2021-43138

2022-04-06 17:15:08

CVE-2020-7753

2020-10-27 09:15:12

CVE-2022-32149

2022-10-14 15:15:34

osv

CVE-2021-43138

2022-04-06 17:15:08

CGA-xvqc-gw49-f87c

2024-06-06 12:30:04

CGA-3xgc-4vf7-vgr6

2024-06-06 12:22:13

nodejs

Regular Expression Denial of Service in trim

2021-05-10 18:48:44

redhat

(RHSA-2024:1994) Moderate: container-tools:rhel8 security update

2024-04-23 13:24:37

(RHSA-2023:0481) Moderate: Submariner 0.12.3 - security update and bug fix

2023-01-26 20:45:09

(RHSA-2023:3204) Moderate: OpenShift Virtualization 4.13.0 RPMs security and bug fix update

2023-05-18 00:20:56

cbl_mariner

CVE-2022-32149 affecting package kubevirt for versions less than 1.2.0-1

2024-04-17 22:02:46

CVE-2022-32149 affecting package prometheus-adapter for versions less than 0.10.0-14

2024-09-06 19:16:47

CVE-2022-32149 affecting package libcontainers-common for versions less than 20210626-7

2024-09-19 00:09:25

huntr

Inefficient Regular Expression Complexity in apidoc/apidoc-core

2021-07-16 15:30:07

Inefficient Regular Expression Complexity in ramda/ramda

2021-08-26 12:09:09

Prototype Pollution in kriszyp/json-schema

2021-10-03 13:08:43

alpinelinux

CVE-2022-32149

2022-10-14 15:15:34

cgr

CVE-2022-32149 vulnerabilities

2024-05-19 03:07:16

CVE-2021-3807 vulnerabilities

2024-05-19 03:07:16

CVE-2022-27664 vulnerabilities

2024-05-19 03:07:16

ubuntucve

CVE-2022-32149

2022-10-14 00:00:00

CVE-2021-3918

2021-11-13 00:00:00

CVE-2021-3807

2021-09-17 00:00:00

gitlab

Missing Release of Resource after Effective Lifetime

2022-10-14 00:00:00

Missing Release of Resource after Effective Lifetime

2022-10-14 00:00:00

golang.org/x/net/http2 Denial of Service vulnerability

2022-09-07 00:00:00

wolfi

CVE-2022-32149 vulnerabilities

2024-09-28 16:03:05

CVE-2022-27664 vulnerabilities

2024-09-28 16:03:05

debian

[SECURITY] [DLA 3228-1] node-json-schema security update

2022-12-06 19:15:29

mageia

Updated nodejs-json-schema packages fix security vulnerability

2022-12-14 01:09:19

suse

Security update for nodejs12 (important)

2022-03-02 00:00:00

Security update for nodejs8 (important)

2022-03-04 00:00:00

Security update for nodejs14 (important)

2022-03-04 00:00:00

ubuntu

JSON Schema vulnerability

2023-05-24 00:00:00

cnvd

json-schema has an unspecified vulnerability

2021-11-16 00:00:00

hackerone

Nextcloud: @nextcloud/logger NPM package brings vulnerable ansi-regex version

2022-06-20 14:31:09

almalinux

Moderate: grafana-pcp security update

2023-05-16 00:00:00

Moderate: grafana-pcp security and enhancement update

2023-05-09 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.3

Confidence

Low

EPSS

0.012

Percentile

85.4%

JSON

Related for OSV:OPENSUSE-SU-2024:12723-1