OpenTSDB 注入漏洞

OpenTSDB is a suite of open source, scalable distributed time series databases. An injection vulnerability exists in OpenTSDB versions prior to 2.4.2 that stems from vulnerability to remote code execution vulnerabilities...

io.kamon:kamon-opentsdb_2.10 (=0.6.7), io.kamon:kamon-opentsdb_2.11 (=0.6.7) +2 more potentially affected by CVE-2023-25827 via net.opentsdb:opentsdb (>=2.3.0 <=2.4.0)

net.opentsdb:opentsdb MAVEN version =2.3.0, =2.3.2, =2.4.0 Source cves: CVE-2023-25827 Source advisory: OSV:GHSA-9CHV-3W6C-JQ9W...

io.kamon:kamon-opentsdb_2.10 (=0.6.7), io.kamon:kamon-opentsdb_2.11 (=0.6.7) +2 more potentially affected by CVE-2023-25826 via net.opentsdb:opentsdb (>=2.3.0 <=2.4.0)

net.opentsdb:opentsdb MAVEN version =2.3.0, =2.3.2, =2.4.0 Source cves: CVE-2023-25826 Source advisory: OSV:GHSA-H475-7V3C-26Q7...

grafana: XSS via the OpenTSDB datasource

A flaw was found in grafana Tag value XSS via the OpenTSDB datasource are possible. The highest threat from this vulnerability is to data confidentiality and integrity...

UBUNTU-CVE-2020-13430

Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource...