SUSE: 2022:2809-1 Important: Grafana Security Fix for SES/7.1
suse
November 5, 2022
The container ses/7.1/ceph/grafana was updated
Summary
Advisory ID: SUSE-SU-2022:3765-1 Released: Wed Oct 26 11:17:18 2022 Summary: Security update for grafana Type: security Severity: important Advisory ID: SUSE-SU-2022:3766-1 Released: Wed Oct 26 11:38:01 2022 Summary: Security update for buildah Type: security Severity: important Advisory ID: SUSE-SU-2022:3773-1 Released: Wed Oct 26 12:19:29 2022 Summary: Security update for curl Type: security
References
References : 1167864 1181961 1195726 1195727 1195728 1200501 1201535 1201539
1202812 1203911 1204137 1204383 CVE-2020-10696 CVE-2021-20206
CVE-2022-21702 CVE-2022-21703 CVE-2022-21713 CVE-2022-2990 CVE-2022-31097
CVE-2022-31107 CVE-2022-32221
1195726,1195727,1195728,1201535,1201539,CVE-2022-21702,CVE-2022-21703,CVE-2022-21713,CVE-2022-31097,CVE-2022-31107
This update for grafana fixes the following issues:
Updated to version 8.3.10 (jsc#SLE-24565, jsc#SLE-23422, jsc#SLE-23439):
- CVE-2022-31097: Fixed XSS vulnerability in the Unified Alerting (bsc#1201535).
- CVE-2022-31107: Fixed OAuth account takeover vulnerability (bsc#1201539).
- CVE-2022-21702: Fixed XSS through attacker-controlled data source (bsc#1195726).
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Container Advisory ID : SUSE-CU-2022:2809-1
Container Tags : ses/7.1/ceph/grafana:8.3.10 , ses/7.1/ceph/grafana:8.3.10.2.2.285 , ses/7.1/ceph/grafana:latest , ses/7.1/ceph/grafana:sle15.3.pacific
Container Release : 2.2.285
Severity : important
Type : security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!