Vulnerabilities > Grafana > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-10-13 | CVE-2022-39201 | Unspecified vulnerability in Grafana Grafana is an open source observability and data visualization platform. | 7.5 |
2022-10-13 | CVE-2022-31123 | Improper Verification of Cryptographic Signature vulnerability in multiple products Grafana is an open source observability and data visualization platform. | 7.8 |
2022-09-02 | CVE-2022-31176 | Missing Authentication for Critical Function vulnerability in Grafana Grafana-Image-Renderer Grafana Image Renderer is a Grafana backend plugin that handles rendering of panels & dashboards to PNGs using a headless browser (Chromium/Chrome). | 8.1 |
2022-07-15 | CVE-2022-31107 | Incorrect Authorization vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. | 7.5 |
2022-07-15 | CVE-2022-31097 | Cross-site Scripting vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. | 8.7 |
2022-06-17 | CVE-2022-32276 | Improper Authentication vulnerability in Grafana 8.4.3 Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. | 7.5 |
2022-06-06 | CVE-2022-32275 | Path Traversal vulnerability in Grafana 8.4.3 Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. | 7.5 |
2022-05-20 | CVE-2022-29170 | Open Redirect vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 8.5 |
2022-03-21 | CVE-2022-26148 | Cleartext Storage of Sensitive Information vulnerability in multiple products An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. | 7.5 |
2022-02-08 | CVE-2022-21703 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Grafana is an open-source platform for monitoring and observability. | 8.8 |