Lucene search
K

10 matches found

OSV
OSV
added 2026/05/23 10:34 a.m.8 views

CLSA-2026-1779532464 grafana: Fix of CVE-2022-39324

CVE-2022-39324: build snapshot originalUrl on the backend with a UID check and warn through a confirm modal before navigating to a cross-origin snapshot URL...

6.7CVSS6.8AI score0.00828EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2022-39324

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily...

6.7CVSS6.7AI score0.00828EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/18 2:20 p.m.30 views

Security Bulletin: IBM Storage Ceph is vulnerable to Cross Site Scripting in Grafana (CVE-2022-39324)

Summary Grafana is used by IBM Storage Ceph as part of the dashboard to monitor the stats for each cluster. CVE-2022-39324 This bulletin identifies the steps to take to address the vulnerability in Grafana. Vulnerability Details CVEID:CVE-2022-39324 DESCRIPTION: Grafana could allow a remote...

6.7CVSS5.2AI score0.00828EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2023/11/07 8:59 a.m.48 views

Moderate: Red Hat Security Advisory: grafana security and enhancement update

An update for grafana is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

9.8CVSS6.7AI score0.05623EPSS
Exploits1References13
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2023:0812-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.2AI score0.04561EPSS
Exploits1References11
Tenable Nessus
Tenable Nessus
added 2023/03/22 12:0 a.m.66 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : SUSE Manager Client Tools (SUSE-SU-2023:0812-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0812-1 advisory. dracut-saltboot: - Update to verion 0.1.1674034019.a93ff61 Install copied wicked config as...

8.8CVSS6.7AI score0.04561EPSS
Exploits1References17
Tenable Nessus
Tenable Nessus
added 2023/02/09 12:0 a.m.30 views

FreeBSD : Grafana -- Spoofing originalUrl of snapshots (e6281d88-a7a7-11ed-8d6a-6c3be5272acd)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e6281d88-a7a7-11ed-8d6a-6c3be5272acd advisory. - Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and...

6.7CVSS6.9AI score0.00828EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2023/01/30 1:5 p.m.55 views

CVE-2022-39324

A flaw was found in the grafana package. While creating a snapshot, an attacker may manipulate a hidden HTTP parameter to inject a malicious URL in the "Open original dashboard" button...

6.7CVSS1.2AI score0.02179EPSS
Exploits0References4
Chainguard
Chainguard
added 2023/01/27 11:15 p.m.494 views

CVE-2022-39324 vulnerabilities

Vulnerabilities for packages: grafana-fips...

6.7CVSS6.7AI score0.00828EPSS
Exploits0
CVE
CVE
added 2023/01/27 10:42 p.m.899 views

CVE-2022-39324

Grafana prior to versions 8.5.16 and 9.2.8 is affected by CVE-2022-39324, where a malicious user can craft a snapshot URL to mislead other users via an attacker-injected originalUrl. The vulnerability arises from a web proxy-related query editing, causing the Open original dashboard button to poi...

6.7CVSS4.9AI score0.00828EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder