rpm package
suse/golang-github-lusitaniae-apache_exporter&distro=SUSE Manager Client Tools 15
pkg:rpm/suse/golang-github-lusitaniae-apache_exporter&distro=SUSE%20Manager%20Client%20Tools%2015
Vulnerabilities (26)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-0155 | Med | 6.5 | < 1.0.0-150000.1.20.1 | 1.0.0-150000.1.20.1 | Jan 10, 2022 | follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor | |
| CVE-2021-43815 | Med | 4.3 | < 1.0.0-150000.1.20.1 | 1.0.0-150000.1.20.1 | Dec 10, 2021 | Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured | |
| CVE-2021-43798 | Hig | 7.5 | KEV | < 1.0.0-150000.1.20.1 | 1.0.0-150000.1.20.1 | Dec 7, 2021 | Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`, |
| CVE-2021-3918 | Cri | 9.8 | < 1.0.0-150000.1.20.1 | 1.0.0-150000.1.20.1 | Nov 13, 2021 | json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | |
| CVE-2021-3807 | Hig | 7.5 | < 1.0.0-150000.1.20.1 | 1.0.0-150000.1.20.1 | Sep 17, 2021 | ansi-regex is vulnerable to Inefficient Regular Expression Complexity | |
| CVE-2020-7753 | Hig | 7.5 | < 1.0.0-150000.1.20.1 | 1.0.0-150000.1.20.1 | Oct 27, 2020 | All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim(). |
- affected < 1.0.0-150000.1.20.1fixed 1.0.0-150000.1.20.1
follow-redirects is vulnerable to Exposure of Private Personal Information to an Unauthorized Actor
- affected < 1.0.0-150000.1.20.1fixed 1.0.0-150000.1.20.1
Grafana is an open-source platform for monitoring and observability. Grafana prior to versions 8.3.2 and 7.5.12 has a directory traversal for arbitrary .csv files. It only affects instances that have the developer testing tool called TestData DB data source enabled and configured
- affected < 1.0.0-150000.1.20.1fixed 1.0.0-150000.1.20.1
Grafana is an open-source platform for monitoring and observability. Grafana versions 8.0.0-beta1 through 8.3.0 (except for patched versions) iss vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is: `<grafana_host_url>/public/plugins//`,
- affected < 1.0.0-150000.1.20.1fixed 1.0.0-150000.1.20.1
json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
- affected < 1.0.0-150000.1.20.1fixed 1.0.0-150000.1.20.1
ansi-regex is vulnerable to Inefficient Regular Expression Complexity
- affected < 1.0.0-150000.1.20.1fixed 1.0.0-150000.1.20.1
All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().
Page 2 of 2