EUVD-2024-0834

Malicious code in bioql PyPI...

Security update for grafana

This update for grafana fixes the following issues: grafana was updated from version 9.5.18 to 10.4.13 jscPED-11591,jscPED-11649: Security issues fixed: CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by upgrading golang.org/x/crypto bsc1234554 CVE-2023-3128: Fixed...

CVE-2024-1442

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization...

Information disclosure

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization...

CVE-2021-27962

A flaw was found in Grafana Enterprise. Users with the Editor role are allowed to bypass data source permissions for the organization's default data source. The highest threat from this vulnerability is to data confidentiality. Mitigation If you are using the Enterprise version of Grafana, you ca...

Grafana Labs Grafana Enterprise 安全漏洞

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A security vulnerability exists in Grafana Enterprise that stems from a user with the...