High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-13	CVE-2022-39201	Unspecified vulnerability in Grafana Grafana is an open source observability and data visualization platform. network low complexity grafana	7.5
2022-10-13	CVE-2022-31123	Improper Verification of Cryptographic Signature vulnerability in multiple products Grafana is an open source observability and data visualization platform. local low complexity grafana netapp CWE-347	7.8
2022-09-02	CVE-2022-31176	Missing Authentication for Critical Function vulnerability in Grafana Grafana-Image-Renderer Grafana Image Renderer is a Grafana backend plugin that handles rendering of panels & dashboards to PNGs using a headless browser (Chromium/Chrome). network low complexity grafana CWE-306	8.1
2022-07-15	CVE-2022-31107	Incorrect Authorization vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. network high complexity grafana netapp CWE-863	7.5
2022-07-15	CVE-2022-31097	Cross-site Scripting vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. network low complexity grafana netapp CWE-79	8.7
2022-06-17	CVE-2022-32276	Improper Authentication vulnerability in Grafana 8.4.3 Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. network low complexity grafana CWE-287	7.5
2022-06-06	CVE-2022-32275	Path Traversal vulnerability in Grafana 8.4.3 Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. network low complexity grafana CWE-22	7.5
2022-05-20	CVE-2022-29170	Open Redirect vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. network low complexity grafana CWE-601	8.5
2022-03-21	CVE-2022-26148	Cleartext Storage of Sensitive Information vulnerability in multiple products An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. network low complexity grafana redhat CWE-312	7.5
2022-02-08	CVE-2022-21703	Cross-Site Request Forgery (CSRF) vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. network low complexity grafana netapp fedoraproject CWE-352	8.8