Lucene search

K
rockyRockylinux Product ErrataRLSA-2024:1502
HistoryMay 10, 2024 - 2:32 p.m.

grafana-pcp security update

2024-05-1014:32:42
Rockylinux Product Errata
errata.rockylinux.org
10
grafana-pcp
security update
cve-2024-1394
memory leaks
rocky linux 9
open source

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

Low

EPSS

0.001

Percentile

23.4%

An update is available for grafana-pcp.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
grafana-pcp is an open source Grafana plugin for PCP.

Security Fix(es):

  • grafana-pcp: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.5

Confidence

Low

EPSS

0.001

Percentile

23.4%