Vulnerabilities > Grafana > Grafana > 1.0.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-13 | CVE-2023-6152 | Incorrect Authorization vulnerability in Grafana A user changing their email after signing up and verifying it can change it without verification in profile settings. The configuration option "verify_email_enabled" will only validate email only on sign up. | 5.4 |
| 2023-01-27 | CVE-2022-39324 | Unspecified vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 3.5 |
| 2022-11-09 | CVE-2022-39307 | Information Exposure Through an Error Message vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 5.3 |
| 2022-10-13 | CVE-2022-31130 | Insufficiently Protected Credentials vulnerability in Grafana Grafana is an open source observability and data visualization platform. | 7.5 |
| 2022-10-13 | CVE-2022-39229 | Unspecified vulnerability in Grafana Grafana is an open source data visualization platform for metrics, logs, and traces. | 4.3 |
| 2022-09-22 | CVE-2022-36062 | Unspecified vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 3.8 |
| 2022-09-20 | CVE-2022-35957 | Grafana is an open-source platform for monitoring and observability. | 6.6 |
| 2022-03-21 | CVE-2022-26148 | Cleartext Storage of Sensitive Information vulnerability in multiple products An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. | 9.8 |
| 2021-12-10 | CVE-2021-43815 | Path Traversal vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 4.3 |
| 2021-10-05 | CVE-2021-39226 | Missing Authorization vulnerability in multiple products Grafana is an open source data visualization platform. | 7.3 |