grafana

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Gorgeous metric viz, dashboards & editors for Graphite, InfluxDB & OpenTSDB
Version 6.5.2-1 [community]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-1034 6.3.3-1 6.3.4-1 Medium Fixed
AVG-811 5.3.2-1 5.3.4-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2019-15043 AVG-1034 Medium Yes Denial of service
This vulnerability allows any unauthenticated user/client to access the Grafana snapshot HTTP API and create a denial of service attack by posting large...
CVE-2018-19039 AVG-811 High Yes Arbitrary filesystem access
Al security issue has been found in grafana before 5.3.3, that could allow any users with Editor or Admin permissions in Grafana to read any file that the...

Advisories

Date Advisory Group Severity Description
30 Aug 2019 ASA-201908-21 AVG-1034 Medium denial of service
15 Nov 2018 ASA-201811-15 AVG-811 High arbitrary filesystem access