Lucene search
+L

94 matches found

Wolfi
Wolfi
added 2026/01/07 1:51 a.m.3 views

GHSA-RX8G-88G5-QH64 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer, opensearch-dashboards...

5.3AI score
Exploits0
Wolfi
Wolfi
added 2026/01/07 1:51 a.m.4 views

CVE-2025-57352 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer, opensearch-dashboards...

5.3CVSS5.1AI score0.00329EPSS
Exploits0
Chainguard
Chainguard
added 2026/01/07 1:29 a.m.4 views

GHSA-RX8G-88G5-QH64 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, foxx-cli, grafana-image-renderer, opensearch-dashboards...

5.3AI score
Exploits0
Chainguard
Chainguard
added 2026/01/07 1:29 a.m.7 views

CVE-2025-57352 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards-fips, foxx-cli, grafana-image-renderer, opensearch-dashboards...

5.3CVSS5.1AI score0.00329EPSS
Exploits0
OSV
OSV
added 2025/10/11 8:40 a.m.11 views

BIT-GRAFANA-IMAGE-RENDERER-2025-11539 Arbitrary Code Execution in Grafana Image Renderer Plugin

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS8.2AI score0.00594EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/10 6:27 p.m.12 views

CVE-2025-11539

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS8.3AI score0.00594EPSS
Exploits0References1
NVD
NVD
added 2025/10/09 8:15 a.m.9 views

CVE-2025-11539

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS0.00594EPSS
Exploits0References2
OSV
OSV
added 2025/10/09 7:18 a.m.7 views

CVE-2025-11539 Arbitrary Code Execution in Grafana Image Renderer Plugin

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS7.9AI score0.00594EPSS
Exploits0References4
CVE
CVE
added 2025/10/09 7:18 a.m.50 views

CVE-2025-11539

Grafana Image Renderer (grafana-image-renderer) is affected by an ARBITRARY FILE WRITE leading to remote code execution via /render/csv, where a lack of validation of filePath allows saving a shared object to an arbitrary location loaded by Chromium. Affected versions are 1.0.0 through 4.0.16. Ex...

9.9CVSS8AI score0.00594EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/09 7:18 a.m.24 views

CVE-2025-11539 Arbitrary Code Execution in Grafana Image Renderer Plugin

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS0.00594EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/09 7:18 a.m.5 views

EUVD-2025-33321

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS7.8AI score0.00594EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/09 7:18 a.m.4 views

CVE-2025-11539 Arbitrary Code Execution in Grafana Image Renderer Plugin

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS8AI score0.00594EPSS
Exploits0References2
Grafana
Grafana
added 2025/10/09 12:0 a.m.15 views

Arbitrary Code Execution in Grafana Image Renderer Plugin

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS6.5AI score0.00594EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/10/09 12:0 a.m.10 views

PT-2025-41359

Name of the Vulnerable Software and Affected Versions Grafana Image Renderer versions 1.0.0 through 4.0.16 Description Grafana Image Renderer is susceptible to remote code execution due to an arbitrary file write issue. The /render/csv API endpoint lacks proper validation of the filePath paramete...

9.9CVSS7.8AI score0.00594EPSS
Exploits0References14
CNNVD
CNNVD
added 2025/10/09 12:0 a.m.6 views

grafana-image-renderer 安全漏洞

grafana-image-renderer is a Grafana open source backend plugin for Grafana. A security vulnerability exists in grafana-image-renderer versions 1.0.0 through 4.0.16, which stems from the /render/csv endpoint that does not validate the filePath parameter, which could lead to remote code execution...

9.9CVSS7.5AI score0.00594EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-52777

Malicious code in bioql PyPI...

8.3CVSS8.1AI score0.00903EPSS
Exploits0References3
Wolfi
Wolfi
added 2025/09/29 2:21 p.m.9 views

CVE-2025-59343 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer, sqlpad, langfuse, tileserver-gl, code-server...

8.7CVSS5.3AI score0.00516EPSS
Exploits0
Wolfi
Wolfi
added 2025/09/29 2:21 p.m.4 views

GHSA-VJ76-C3G6-QR5V vulnerabilities

Vulnerabilities for packages: grafana-image-renderer, sqlpad, langfuse, tileserver-gl, code-server...

5.3AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/09/04 10:32 p.m.10 views

CVE-2025-22423

In ParseTag of dngifd.cpp, there is a possible way to crash the image renderer due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

7.5CVSS6.5AI score0.00292EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/02 12:0 a.m.12 views

PT-2025-35627

Name of the Vulnerable Software and Affected Versions: dng ifd.cpp affected versions not specified Description: A missing bounds check in the ParseTag function within dng ifd.cpp may lead to a crash of the image renderer, potentially resulting in a remote denial of service. Exploitation does not...

7.5CVSS6.2AI score0.00292EPSS
Exploits0References5
Rows per page
Query Builder