AVG-2609 log
| Package | grafana |
| Status | Fixed |
| Severity | High |
| Type | directory traversal |
| Affected | 8.3.0-1 |
| Fixed | 8.3.1-1 |
| Current | 10.4.2-1 [extra] |
| Ticket | None |
| Created | Tue Dec 7 20:13:30 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-43815 | Medium | Yes | Directory traversal | A security issue has been found in Grafana 8 before version 8.3.2 through which authenticated users could read out arbitrary .csv files through directory... |
| CVE-2021-43813 | Medium | Yes | Directory traversal | A security issue has been found in Grafana before version 8.3.2 through which authenticated users could read out fully lowercase or fully uppercase .md... |
| CVE-2021-43798 | High | Yes | Directory traversal | Grafana 8 before version 8.3.1 is vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 11 Dec 2021 | ASA-202112-11 | grafana | directory traversal |