Lucene search
K

6 matches found

ALT Linux
ALT Linux
added 2023/01/31 12:0 a.m.52 views

Security fix for the ALT Linux 10 package grafana version 8.5.20-alt1

8.5.20-alt1 built Jan. 31, 2023 Alexey Shabalin in task 314152 Jan. 25, 2023 Alexey Shabalin - 8.5.20 - Fixes: + CVE-2022-39307 + CVE-2022-39306 + CVE-2022-39229 + CVE-2022-39201 + CVE-2022-36062 + CVE-2022-35957 + CVE-2022-31130 + CVE-2022-31123 + CVE-2022-31107 + CVE-2022-31097 + CVE-2022-29170...

4.9CVSS6.5AI score0.68603EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/12/14 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:4428-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.88849EPSS
Exploits45References4
OSV
OSV
added 2022/06/17 11:3 a.m.2 views

OESA-2022-1711 grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way s...

8.5CVSS6.7AI score0.01116EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2022/05/23 12:0 a.m.25 views

Grafana Datasource Network Restriction Bypass Vulnerability (GHSA-9rrr-6fq2-4f99)

Grafana is prone to a datasource network restriction bypass vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

8.5CVSS9.2AI score0.01116EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/05/20 4:10 p.m.6 views

CVE-2022-29170 Grafana Enterprise datasource network restrictions bypass via HTTP redirects

Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and...

6.6CVSS8.4AI score0.01116EPSS
Exploits0References5
CVE
CVE
added 2022/05/20 4:10 p.m.138 views

CVE-2022-29170

Grafana Enterprise contains a vulnerability where, if the Request security allow list is used and a custom datasource returns an HTTP redirect to a forbidden host, Grafana could blindly follow redirects and expose secure information. Affected versions run from 7.4.0-beta1 up to, but not including...

8.5CVSS7.1AI score0.01116EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder