FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6877e164-6296-11ed-9ca2-6c3be5272acdGrafana -- Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins

Grafana Labs reports:

On September 7th as a result of an internal security audit we have discovered that Grafana could leak the authentication cookie of users to plugins. After further analysis the vulnerability impacts data source and plugin proxy endpoints under certain conditions.

We believe that this vulnerability is rated at CVSS 6.8 (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H)


Discovery 2022-09-07
Entry 2022-11-12
grafana
ge 5.0.0 lt 8.5.14

ge 9.0.0 lt 9.1.8

grafana7
ge 7.0.0

grafana8
ge 8.0.0 lt 8.5.14

grafana9
ge 9.0.0 lt 9.1.8

CVE-2022-39201
https://github.com/grafana/grafana/security/advisories/GHSA-x744-mm8v-vpgr