rpm package
suse/grafana&distro=SUSE Enterprise Storage 6
pkg:rpm/suse/grafana&distro=SUSE%20Enterprise%20Storage%206
Vulnerabilities (23)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-12052 | — | < 7.3.1-3.6.1 | 7.3.1-3.6.1 | Apr 27, 2020 | Grafana version < 6.7.3 is vulnerable for annotation popup XSS. | ||
| CVE-2020-12245 | — | < 7.3.1-3.6.1 | 7.3.1-3.6.1 | Apr 24, 2020 | Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip. | ||
| CVE-2019-15043 | — | < 7.3.1-3.6.1 | 7.3.1-3.6.1 | Sep 3, 2019 | In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana. |
- CVE-2020-12052Apr 27, 2020affected < 7.3.1-3.6.1fixed 7.3.1-3.6.1
Grafana version < 6.7.3 is vulnerable for annotation popup XSS.
- CVE-2020-12245Apr 24, 2020affected < 7.3.1-3.6.1fixed 7.3.1-3.6.1
Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip.
- CVE-2019-15043Sep 3, 2019affected < 7.3.1-3.6.1fixed 7.3.1-3.6.1
In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes it possible to run a denial of service attack against the server running Grafana.
Page 2 of 2