AVG-2609 log

Package grafana
Status Fixed
Severity High
Type directory traversal
Affected 8.3.0-1
Fixed 8.3.1-1
Current 9.0.7-1 [community]
Ticket None
Created Tue Dec 7 20:13:30 2021
Issue Severity Remote Type Description
CVE-2021-43815 Medium Yes Directory traversal
A security issue has been found in Grafana 8 before version 8.3.2 through which authenticated users could read out arbitrary .csv files through directory...
CVE-2021-43813 Medium Yes Directory traversal
A security issue has been found in Grafana before version 8.3.2 through which authenticated users could read out fully lowercase or fully uppercase .md...
CVE-2021-43798 High Yes Directory traversal
Grafana 8 before version 8.3.1 is vulnerable to directory traversal, allowing access to local files. The vulnerable URL path is...
Date Advisory Package Type
11 Dec 2021 ASA-202112-11 grafana directory traversal