FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID Description

VuXML ID	Description
c2a7de31-5b42-11ec-8398-6c3be5272acd	Grafana -- Directory Traversal GitHub Security Labs reports: A vulnerability through which authenticated users could read out fully lowercase or fully uppercase `.md` files through directory traversal. Doing our own follow-up investigation we found a related vulnerability through which authenticated users could read out arbitrary `.csv` files through directory traversal. Thanks to our defense-in-depth approach, at no time has Grafana Cloud been vulnerable. The vulnerable URL path is: `/api/ds/query` Discovery 2021-12-09 Entry 2021-12-12 grafana grafana8 ge 8.0.0 lt 8.3.2 CVE-2021-43815 https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/

c2a7de31-5b42-11ec-8398-6c3be5272acd

Grafana -- Directory Traversal

GitHub Security Labs reports:

A vulnerability through which authenticated users could read out fully lowercase or fully uppercase .md files through directory traversal. Doing our own follow-up investigation we found a related vulnerability through which authenticated users could read out arbitrary .csv files through directory traversal. Thanks to our defense-in-depth approach, at no time has Grafana Cloud been vulnerable.

The vulnerable URL path is: /api/ds/query

Discovery 2021-12-09
Entry 2021-12-12
grafana
grafana8

ge 8.0.0 lt 8.3.2

CVE-2021-43815
https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/