CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

BDU FSTEC•added 2025/08/08 12:0 a.m.•3 views

The vulnerability of the visualization plugin for the Infinity Datasource platform used in Grafana monitoring and observation systems stems from server-side request manipulation. This allows attackers to gain unauthorized access to protected information.

The vulnerability of the Infinity Datasource plugin for the Grafana monitoring and observation platform relates to server-side request manipulation. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

5CVSS5.8AI score0.00283EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2025/08/04 2:11 p.m.•4 views

CVE-2025-8341

A flaw was found in github.com/grafana/grafana-infinity-datasource. The Infinity datasource plugin incorrectly handles configuration when restricted to certain data sources, allowing an attacker to potentially trigger an out-of-bounds read. This vulnerability allows a remote attacker to manipulat...

5CVSS7AI score0.00283EPSS

Exploits0References5

NVD•added 2025/08/04 9:15 a.m.•30 views

CVE-2025-8341

Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...

5CVSS0.00283EPSS

Exploits0References2

CVE•added 2025/08/04 8:34 a.m.•25 views

CVE-2025-8341

CVE-2025-8341 concerns the Grafana Infinity Datasource Plugin. The connected documents describe an SSRF-type issue where, if the plugin’s allowlist is misused, an attacker could bypass URL restrictions and trigger server-side requests to unintended resources. The vulnerability is tied to the plug...

5CVSS6.2AI score0.00283EPSS

Exploits0References2