Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-21673

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled,...

4.3CVSS6.8AI score0.02013EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 3: grafana (TSSA-2022:0233)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0233 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

8.8CVSS6.9AI score0.02359EPSS
Exploits2References6
RedHat Linux
RedHat Linux
added 2022/11/15 10:31 a.m.40 views

Important: Red Hat Security Advisory: grafana security, bug fix, and enhancement update

An update for grafana is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

8.8CVSS6.9AI score0.05994EPSS
Exploits5References19
OSV
OSV
added 2022/11/15 12:0 a.m.33 views

ALSA-2022:8057 Important: grafana security, bug fix, and enhancement update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. The following packages have been upgraded to a later upstream version: grafana 7.5.15. BZ2055349 Security Fixes: sanitize-url: XSS due to improper sanitization in sanitizeUrl function...

8.8CVSS9.5AI score0.05994EPSS
Exploits5References32
Tenable Nessus
Tenable Nessus
added 2022/11/12 12:0 a.m.54 views

AlmaLinux 8 : grafana (ALSA-2022:7519)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:7519 advisory. - The package @braintree/sanitize-url before 6.0.0 are vulnerable to Cross-site Scripting XSS due to improper sanitization in sanitizeUrl function...

8.8CVSS7.2AI score0.05994EPSS
Exploits5References16
Tenable Nessus
Tenable Nessus
added 2022/11/09 12:0 a.m.46 views

CentOS 8 : grafana (CESA-2022:7519)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2022:7519 advisory. - sanitize-url: XSS due to improper sanitization in sanitizeUrl function CVE-2021-23648 - golang: net/http: improper sanitization of Transfer-Encoding...

8.8CVSS7.2AI score0.05994EPSS
Exploits5References16
RedHat Linux
RedHat Linux
added 2022/11/08 9:34 a.m.32 views

Moderate: Red Hat Security Advisory: grafana security, bug fix, and enhancement update

An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

8.8CVSS6.9AI score0.05994EPSS
Exploits5References18
RedHat Linux
RedHat Linux
added 2022/08/09 8:31 p.m.82 views

Moderate: Red Hat Security Advisory: New container image for Red Hat Ceph Storage 5.2 Security update

A new container image for Red Hat Ceph Storage 5.2 is now available in the Red Hat Ecosystem Catalog. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

4.3CVSS6.7AI score0.57499EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2022/06/21 12:0 a.m.35 views

SUSE: Security Advisory (SUSE-SU-2022:2134-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.3AI score0.99888EPSS
Exploits47References18
OpenVAS
OpenVAS
added 2022/05/17 12:0 a.m.34 views

openSUSE: Security Advisory for SUSE (SUSE-SU-2022:1396-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8AI score0.99888EPSS
Exploits47References4
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.27 views

Fedora: Security Advisory for grafana (FEDORA-2022-9dd03cab55)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.9AI score0.05994EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2022/04/21 12:0 a.m.35 views

Fedora: Security Advisory for grafana (FEDORA-2022-83405f9d5b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.9AI score0.05994EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2022/03/10 4:0 p.m.79 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.10.3 security update

Red Hat OpenShift Container Platform release 4.10.3 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which...

9.8CVSS7AI score0.99888EPSS
Exploits3References1507
OSV
OSV
added 2022/02/19 11:3 a.m.5 views

OESA-2022-1531 grafana security update

Metrics dashboard and graph editor. Security Fixes: Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token and no other user credentials will...

4.3CVSS6.8AI score0.02013EPSS
Exploits0References2
CVE
CVE
added 2022/01/18 9:35 p.m.234 views

CVE-2022-21673

Grafana Forward OAuth Identity vulnerability (CVE-2022-21673) affects Grafana data sources with Forward OAuth Identity enabled, allowing API token holders to access data tied to the most recently logged-in user. Root cause: data sources with the Forward OAuth Identity feature enabled, OAuth enabl...

4.3CVSS6.2AI score0.02013EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2022/01/18 9:35 p.m.5 views

CVE-2022-21673 OAuth Identity Token exposure in Grafana

Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token and no other user credentials will forward the OAuth Identity of the most recently...

4.3CVSS7AI score0.02013EPSS
Exploits0References7
Rows per page
Query Builder