rpm package
almalinux/grafana-selinux
pkg:rpm/almalinux/grafana-selinux
Vulnerabilities (23)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-24788 | Med | 5.9 | < 9.2.10-17.el8_10 | 9.2.10-17.el8_10 | May 8, 2024 | A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop. | |
| CVE-2024-1313 | Med | 6.5 | < 9.2.10-16.el9_4.alma.1 | 9.2.10-16.el9_4.alma.1 | Mar 26, 2024 | It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/ using its view key. This functionality is intended to only be available to individuals with the per | |
| CVE-2024-1394 | Hig | 7.5 | < 9.2.10-16.el9_4.alma.1 | 9.2.10-16.el9_4.alma.1 | Mar 21, 2024 | A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and |
- affected < 9.2.10-17.el8_10fixed 9.2.10-17.el8_10
A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.
- affected < 9.2.10-16.el9_4.alma.1fixed 9.2.10-16.el9_4.alma.1
It is possible for a user in a different organization from the owner of a snapshot to bypass authorization and delete a snapshot by issuing a DELETE request to /api/snapshots/ using its view key. This functionality is intended to only be available to individuals with the per
- affected < 9.2.10-16.el9_4.alma.1fixed 9.2.10-16.el9_4.alma.1
A memory leak flaw was found in Golang in the RSA encrypting/decrypting code, which might lead to a resource exhaustion vulnerability using attacker-controlled inputs. The memory leak happens in github.com/golang-fips/openssl/openssl/rsa.go#L113. The objects leaked are pkey and
Page 2 of 2