2 matches found
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS : Graphite-Web vulnerabilities (USN-6243-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6243-1 advisory. It was discovered that Graphite-Web incorrectly handled certain inputs. If a user or an automated system were tricked...
CVE-2017-18638
CVE-2017-18638 affects Graphite’s graphite-web send_email() in the composer/views.py path up to version 1.1.5. It allows SSRF: the Graphite web server can fetch arbitrary resources and embed the response in an image sent via email, enabling information exfiltration. The issue is fixed in Graphite...