Attachment 230056 Details for Bug 260358 – vuxml.diff

[patch] vuxml.diff

vuxml-grafana.diff (text/plain), 3.38 KB, created by Boris Korzun on 2021-12-12 12:25:31 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Boris Korzun

Created: 2021-12-12 12:25:31 UTC

Size: 3.38 KB

patch

obsolete

>diff --git a/security/vuxml/vuln-2021.xml b/security/vuxml/vuln-2021.xml
>index 974ff512b823..f9edcfa23d1c 100644
>--- a/security/vuxml/vuln-2021.xml
>+++ b/security/vuxml/vuln-2021.xml
>@@ -1,3 +1,71 @@
>+ <vuln vid="c2a7de31-5b42-11ec-8398-6c3be5272acd">
>+ <topic>Grafana -- Directory Traversal</topic>
>+ <affects>
>+ <package>
>+	<name>grafana</name>
>+	<name>grafana8</name>
>+	<range><ge>8.0.0</ge><lt>8.3.2</lt></range>
>+ </package>
>+ </affects>
>+ <description>
>+ <body xmlns="http://www.w3.org/1999/xhtml">
>+	GitHub Security Labs reports:
>+	<blockquote cite="https://github.com/grafana/grafana/security/advisories/GHSA-7533-c8qv-jm9m">
>+	 A vulnerability through which authenticated users could read out fully lowercase or fully uppercase <code>.md</code> files through directory traversal. Doing our own follow-up investigation we found a related vulnerability through which authenticated users could read out arbitrary <code>.csv</code> files through directory traversal. Thanks to our defense-in-depth approach, at no time has <a href="https://grafana.com/cloud">Grafana Cloud</a> been vulnerable.
>+	 The vulnerable URL path is: <code>/api/ds/query</code>
>+	</blockquote>
>+ </body>
>+ </description>
>+ <references>
>+ <cvename>CVE-2021-43815</cvename>
>+ <url>https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/</url>
>+ </references>
>+ <dates>
>+ <discovery>2021-12-09</discovery>
>+ <entry>2021-12-12</entry>
>+ </dates>
>+ </vuln>
>+
>+ <vuln vid="a994ff7d-5b3f-11ec-8398-6c3be5272acd">
>+ <topic>Grafana -- Directory Traversal</topic>
>+ <affects>
>+ <package>
>+	<name>grafana</name>
>+	<range><ge>5.0.0</ge><lt>7.5.12</lt></range>
>+	<range><ge>8.0.0</ge><lt>8.3.2</lt></range>
>+ </package>
>+ <package>
>+	<name>grafana6</name>
>+	<range><ge>6.0.0</ge></range>
>+ </package>
>+ <package>
>+	<name>grafana7</name>
>+	<range><ge>7.0.0</ge><lt>7.5.12</lt></range>
>+ </package>
>+ <package>
>+	<name>grafana8</name>
>+	<range><ge>8.0.0</ge><lt>8.3.2</lt></range>
>+ </package>
>+ </affects>
>+ <description>
>+ <body xmlns="http://www.w3.org/1999/xhtml">
>+	GitHub Security Labs reports:
>+	<blockquote cite="https://github.com/grafana/grafana/security/advisories/GHSA-c3q8-26ph-9g2q">
>+	 A vulnerability through which authenticated users could read out fully lowercase or fully uppercase <code>.md</code> files through directory traversal. Doing our own follow-up investigation we found a related vulnerability through which authenticated users could read out arbitrary <code>.csv</code> files through directory traversal. Thanks to our defense-in-depth approach, at no time has <a href="https://grafana.com/cloud">Grafana Cloud</a> been vulnerable.
>+	 The vulnerable URL path is: <code>/api/plugins/.*/markdown/.*</code> for <code>.md</code> files
>+	</blockquote>
>+ </body>
>+ </description>
>+ <references>
>+ <cvename>CVE-2021-43813</cvename>
>+ <url>https://grafana.com/blog/2021/12/10/grafana-8.3.2-and-7.5.12-released-with-moderate-severity-security-fix/</url>
>+ </references>
>+ <dates>
>+ <discovery>2021-12-09</discovery>
>+ <entry>2021-12-12</entry>
>+ </dates>
>+ </vuln>
>+
> <vuln vid="e33880ed-5802-11ec-8398-6c3be5272acd">
> <topic>Grafana -- Path Traversal</topic>
> <affects>

Flags:

drtr0jan: maintainer-approval?

Actions: View | Diff

Attachments on bug 260358: 230055 | 230056 | 230121