Grafana 8.4.3
Approved changes feed: RSS · Atom
cpe:2.3:a:grafana:grafana:8.4.3:*:*:*:*:*:*:*
part: a version: 8.4.3 update: *
| Vendor | Grafana (7564912d-bb81-50cf-9eb9-f573ac2fa519) |
|---|---|
| Product | Grafana (6e4f3e11-70ef-54b3-88d6-f64136c9d5f2) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:docker/grafana/grafana |
purl2cpe | 2026-06-01 10:14:45.596699 |
pkg:github/grafana/grafana |
purl2cpe | 2026-06-01 10:14:45.596700 |
pkg:rpm/fedora/grafana |
purl2cpe | 2026-06-01 10:14:45.596702 |
pkg:rpm/opensuse/grafana |
purl2cpe | 2026-06-01 10:14:45.596703 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-32276 |
vulnerable | 2026-06-03 14:47:21.236794 |
Details available
Grafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. NOTE: the vendor considers this a UI bug, not a vulnerability
Published: 2022-06-17T11:38:27.000Z
Updated: 2024-08-03T07:39:50.606Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-32275 |
vulnerable | 2026-06-03 14:47:21.236363 |
Details available
Grafana 8.4.3 allows reading files via (for example) a /dashboard/snapshot/%7B%7Bconstructor.constructor'/.. /.. /.. /.. /.. /.. /.. /.. /etc/passwd URI. NOTE: the vendor's position is that there is no vulnerability; this request yields a benign error page, not /etc/passwd content
Published: 2022-06-06T18:29:07.000Z
Updated: 2024-08-03T07:39:50.900Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.