66 matches found
RLSA-2024:6946 Important: grafana-pcp security update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: encoding/gob: golang: Calling Decoder.Decode on a message which contains deepl...
Injection com.fasterxml.jackson.core:jackson-databind Dependency in Crowd Data Center and Server
This High severity com.fasterxml.jackson.core:jackson-databind Dependency vulnerability was introduced in versions 5.0.0, 5.1.0, and 5.2.0 of Crowd Data Center and Server. This com.fasterxml.jackson.core:jackson-databind Dependency vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of...
ALSA-2024:1644 Important: grafana-pcp security and bug fix update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloa...
ALSA-2023:2785 Moderate: grafana-pcp security update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: net/http: handle server errors after sending GOAWAY CVE-2022-27664 For...
Moderate: Red Hat Security Advisory: grafana-pcp security and enhancement update
An update for grafana-pcp is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
Moderate: grafana-pcp security and enhancement update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: net/http: handle server errors after sending GOAWAY CVE-2022-27664 For...
grafana-pcp security update
An update is available for grafana-pcp. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Grafana plugin for Performance Co-Pilot includes datasources for...
RLSA-2022:8250 Moderate: grafana-pcp security update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header...
Moderate: grafana-pcp security update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header...
Moderate: Red Hat Security Advisory: grafana-pcp security update
An update for grafana-pcp is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...
grafana-pcp security update
An update is available for grafana-pcp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Grafana plugin for Performance Co-Pilot includes datasources for...
ALSA-2022:7648 Moderate: grafana-pcp security update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header...
Moderate: grafana-pcp security update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: net/http: improper sanitization of Transfer-Encoding header...
[SECURITY] Fedora 35 Update: grafana-pcp-3.2.0-2.fc35
This Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries1 and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace1, as well as several dashboards...
Pentaho Business Analytics / Pentaho Business Server 9.1 SQL Injection Vulnerability
Pentaho allows users to create and manage Data Sources. Users can select a Data Source when creating a Dashboard through the Pentaho User Console. When a Data Source is added, Pentaho makes a HTTP request to the dashboards editor /pentaho/api/repos/dashboards/editor in order to test the connectio...
grafana security, bug fix, and enhancement update
7.3.6-2 - change working dir to in grafana-cli wrapper fixes Red Hat BZ 1916083 - add pcp-redis-datasource to allowloadingunsignedplugins config option 7.3.6-1 - update to 7.3.6 tagged upstream community sources, see CHANGELOG - remove dependency on SAML not supported in the open source version o...
CVE-2020-35491
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource...
Security update for grafana (moderate)
openSUSE Security Update: Security update for grafana Announcement ID: openSUSE-SU-2020:1611-1 Rating: moderate References: 1044444 1044933 1115960 1170557 Cross-References: CVE-2018-19039 CVE-2019-15043 CVE-2020-12245 CVE-2020-13379 Affected Products: openSUSE Backports SLE-15-SP1 An update that...
U.S. Dept Of Defense: Publicly accessible Grafana install allows pivoting to Prometheus datasource
Summary: A publicly accessible Grafana install exposes semi sensitive Dashboards. This also exposes the Prometheus proxied datasources which allow direct queries to a Prometheus instance which reveals sensitive data an opens the instance up to potential DoS via crafted requests. Description: Impa...
CVE-2019-13348
In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases...