FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
6f6c9420-6297-11ed-9ca2-6c3be5272acd	Grafana -- Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins Grafana Labs reports: On June 26 a security researcher contacted Grafana Labs to disclose a vulnerability with the GitLab data source plugin that could leak the API key to GitLab. After further analysis the vulnerability impacts data source and plugin proxy endpoints with authentication tokens but under some conditions. We believe that this vulnerability is rated at CVSS 4.9 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N) Discovery 2022-06-26 Entry 2022-11-12 grafana ge 7.0.0 lt 8.5.14 ge 9.0.0 lt 9.1.8 grafana7 ge 7.0.0 grafana8 ge 8.0.0 lt 8.5.14 grafana9 ge 9.0.0 lt 9.1.8 CVE-2022-31130 https://github.com/grafana/grafana/security/advisories/GHSA-jv32-5578-pxjc

VuXML ID

Description

6f6c9420-6297-11ed-9ca2-6c3be5272acd

Grafana -- Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins

Grafana Labs reports:

On June 26 a security researcher contacted Grafana Labs to disclose a vulnerability with the GitLab data source plugin that could leak the API key to GitLab. After further analysis the vulnerability impacts data source and plugin proxy endpoints with authentication tokens but under some conditions.

We believe that this vulnerability is rated at CVSS 4.9 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)

Discovery 2022-06-26
Entry 2022-11-12
grafana

ge 7.0.0 lt 8.5.14

ge 9.0.0 lt 9.1.8

grafana7

ge 7.0.0

grafana8

ge 8.0.0 lt 8.5.14

grafana9

ge 9.0.0 lt 9.1.8

CVE-2022-31130
https://github.com/grafana/grafana/security/advisories/GHSA-jv32-5578-pxjc