884 matches found
Malicious code in albatross-infinity-erv465-project (npm)
The package albatross-infinity-erv465-project was found to contain malicious code...
Malicious code in kiwi-infinity-xlz814-project (npm)
The package kiwi-infinity-xlz814-project was found to contain malicious code...
Malicious code in dragon-infinity-fnk008-project (npm)
The package dragon-infinity-fnk008-project was found to contain malicious code...
Malicious code in forest-infinity-zqx963-project (npm)
The package forest-infinity-zqx963-project was found to contain malicious code...
Malicious code in kite-infinity-lub379-project (npm)
The package kite-infinity-lub379-project was found to contain malicious code...
Malicious code in cascade-infinity-ahh628-project (npm)
The package cascade-infinity-ahh628-project was found to contain malicious code...
SUSE CVE-2025-8341
Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...
GO-2025-3843 Grafana Infinity Datasource Plugin SSRF Vulnerability in github.com/grafana/grafana-infinity-datasource
Grafana Infinity Datasource Plugin SSRF Vulnerability in github.com/grafana/grafana-infinity-datasource...
The vulnerability of the visualization plugin for the Infinity Datasource platform used in Grafana monitoring and observation systems stems from server-side request manipulation. This allows attackers to gain unauthorized access to protected information.
The vulnerability of the Infinity Datasource plugin for the Grafana monitoring and observation platform relates to server-side request manipulation. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
CVE-2025-8341
A flaw was found in github.com/grafana/grafana-infinity-datasource. The Infinity datasource plugin incorrectly handles configuration when restricted to certain data sources, allowing an attacker to potentially trigger an out-of-bounds read. This vulnerability allows a remote attacker to manipulat...
Grafana Infinity Datasource Plugin SSRF Vulnerability
Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the URL validation process. An attacker can access internal or otherwise restricted resources by submitting a specially crafted URL that bypasses configured allowlists. Remediation Upgrade...
Server-side Request Forgery (SSRF)
Overview Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via the URL validation process. An attacker can access internal or otherwise restricted resources by submitting a specially crafted URL that bypasses configured allowlists. Remediation Upgrade...
GHSA-3C93-92R7-J934 Grafana Infinity Datasource Plugin SSRF Vulnerability
Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...
CVE-2025-8341
Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...
CVE-2025-8341
Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...
CVE-2025-8341
CVE-2025-8341 concerns the Grafana Infinity Datasource Plugin. The connected documents describe an SSRF-type issue where, if the plugin’s allowlist is misused, an attacker could bypass URL restrictions and trigger server-side requests to unintended resources. The vulnerability is tied to the plug...
CVE-2025-8341 SSRF in Infinity Datasource Plugin
Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...
CVE-2025-8341 SSRF in Infinity Datasource Plugin
Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...
SSRF in Infinity Datasource Plugin
Grafana is an open-source platform for monitoring and observability. The Infinity datasource plugin, maintained by Grafana Labs, allows visualizing data from JSON, CSV, XML, GraphQL, and HTML endpoints. If the plugin was configured to allow only certain URLs, an attacker could bypass this...