Lucene search
+L

6 matches found

OSV
OSV
added 2024/05/14 10:11 p.m.62 views

GHSA-7533-C8QV-JM9M Grafana directory traversal for .cvs files

Today we are releasing Grafana 8.3.2 and 7.5.12. This patch release includes a moderate severity security fix for directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured. The vulnerability i...

4.3CVSS6.4AI score0.01746EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2022/12/14 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:4428-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.88849EPSS
Exploits45References4
OpenVAS
OpenVAS
added 2022/06/21 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2022:2134-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.3AI score0.99888EPSS
Exploits47References18
ALT Linux
ALT Linux
added 2022/05/05 12:0 a.m.94 views

Security fix for the ALT Linux 10 package grafana version 8.5.0-alt1

8.5.0-alt1 built May 5, 2022 Alexey Shabalin in task 299382 April 26, 2022 Alexey Shabalin - 8.5.0 - Use pre-builded frontend - Fixes: + CVE-2022-24812 + CVE-2022-21702 + CVE-2022-21703 + CVE-2022-21713 + CVE-2021-43813 + CVE-2021-43815 + CVE-2021-41244 + CVE-2021-41174...

6.8CVSS6.4AI score0.84607EPSS
Exploits1
ArchLinux
ArchLinux
added 2021/12/11 12:0 a.m.50 views

[ASA-202112-11] grafana: directory traversal

Arch Linux Security Advisory ASA-202112-11 ========================================== Severity: High Date : 2021-12-11 CVE-ID : CVE-2021-43798 CVE-2021-43813 CVE-2021-43815 Package : grafana Type : directory traversal Remote : Yes Link : https://security.archlinux.org/AVG-2609 Summary ======= The...

7.5CVSS0.9AI score0.88849EPSS
Exploits44References14
CVE
CVE
added 2021/12/10 8:40 p.m.194 views

CVE-2021-43815

CVE-2021-43815 affects Grafana where an authenticated user could perform a directory traversal to read arbitrary *.csv files via the /api/ds/query path. Affected versions are Grafana 8.0.0-beta3 through 8.3.1 (and related impact notes). The issue is limited to instances with the TestData DB data ...

4.3CVSS4.8AI score0.01746EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder