Lucene search
K

43 matches found

Chainguard
Chainguard
added 2026/06/23 8:16 a.m.7 views

GHSA-5WRP-CWCJ-Q835 vulnerabilities

Vulnerabilities for packages: kuma, grafana-fips, teleport, aws-iam-authenticator-fips, crossplane-provider-azure-storagecache, crossplane-provider-azure-servicenetworking, coredns, knative-serving, syft, ingress-nginx-controller-fips, k8sgateway-fips, gcp-compute-persistent-disk-csi-driver,...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2026/01/07 1:51 a.m.3 views

GHSA-RX8G-88G5-QH64 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, grafana-image-renderer...

5.8AI score
Exploits0
Wolfi
Wolfi
added 2026/01/07 1:51 a.m.4 views

CVE-2025-57352 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards, grafana-image-renderer...

5.3CVSS5.8AI score0.00329EPSS
Exploits0
Chainguard
Chainguard
added 2026/01/07 1:29 a.m.3 views

GHSA-RX8G-88G5-QH64 vulnerabilities

Vulnerabilities for packages: foxx-cli, opensearch-dashboards-fips, opensearch-dashboards, grafana-image-renderer...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2026/01/07 1:29 a.m.5 views

CVE-2025-57352 vulnerabilities

Vulnerabilities for packages: foxx-cli, opensearch-dashboards-fips, opensearch-dashboards, grafana-image-renderer...

5.3CVSS5.9AI score0.00329EPSS
Exploits0
OSV
OSV
added 2025/10/11 8:40 a.m.6 views

BIT-GRAFANA-IMAGE-RENDERER-2025-11539 Arbitrary Code Execution in Grafana Image Renderer Plugin

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS8.2AI score0.0058EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/10 6:27 p.m.11 views

CVE-2025-11539

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS8.3AI score0.0058EPSS
Exploits0References1
OSV
OSV
added 2025/10/09 8:15 a.m.6 views

CVE-2025-11539

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS8.4AI score0.0058EPSS
Exploits0References2
NVD
NVD
added 2025/10/09 8:15 a.m.8 views

CVE-2025-11539

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS0.0058EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/09 7:18 a.m.3 views

CVE-2025-11539 Arbitrary Code Execution in Grafana Image Renderer Plugin

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS8AI score0.0058EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/09 7:18 a.m.2 views

EUVD-2025-33321

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS7.8AI score0.0058EPSS
Exploits0References2
CVE
CVE
added 2025/10/09 7:18 a.m.47 views

CVE-2025-11539

Grafana Image Renderer (grafana-image-renderer) is affected by an ARBITRARY FILE WRITE leading to remote code execution via /render/csv, where a lack of validation of filePath allows saving a shared object to an arbitrary location loaded by Chromium. Affected versions are 1.0.0 through 4.0.16. Ex...

9.9CVSS8AI score0.0058EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/09 7:18 a.m.10 views

CVE-2025-11539 Arbitrary Code Execution in Grafana Image Renderer Plugin

Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location that is then load...

9.9CVSS0.0058EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/09 12:0 a.m.4 views

PT-2025-41359

Name of the Vulnerable Software and Affected Versions Grafana Image Renderer versions 1.0.0 through 4.0.16 Description Grafana Image Renderer is susceptible to remote code execution due to an arbitrary file write issue. The /render/csv API endpoint lacks proper validation of the filePath paramete...

9.9CVSS7.8AI score0.0058EPSS
Exploits0References14
CNNVD
CNNVD
added 2025/10/09 12:0 a.m.3 views

grafana-image-renderer 安全漏洞

grafana-image-renderer is a Grafana open source backend plugin for Grafana. A security vulnerability exists in grafana-image-renderer versions 1.0.0 through 4.0.16, which stems from the /render/csv endpoint that does not validate the filePath parameter, which could lead to remote code execution...

9.9CVSS7.5AI score0.0058EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-52777

Malicious code in bioql PyPI...

8.3CVSS8.1AI score0.0087EPSS
Exploits0References3
Wolfi
Wolfi
added 2025/09/29 2:21 p.m.7 views

CVE-2025-59343 vulnerabilities

Vulnerabilities for packages: langfuse, code-server, tileserver-gl, grafana-image-renderer, sqlpad...

8.7CVSS6.3AI score0.00516EPSS
Exploits0
Wolfi
Wolfi
added 2025/09/29 2:21 p.m.4 views

GHSA-VJ76-C3G6-QR5V vulnerabilities

Vulnerabilities for packages: langfuse, code-server, tileserver-gl, grafana-image-renderer, sqlpad...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2025/07/31 1:47 a.m.4 views

GHSA-XFFM-G5W8-QVG7 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5AI score
Exploits0
Chainguard
Chainguard
added 2025/07/31 1:17 a.m.5 views

GHSA-XFFM-G5W8-QVG7 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5AI score
Exploits0
Rows per page
Query Builder