grafana-loki (AlmaLinux:8) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:8 package grafana-loki, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (8)
CVE-2019-19499 — CVSS 6.5 (medium): Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to…
CVE-2018-18624 — CVSS 6.1 (medium): Grafana 5.3.1 has XSS via a column style on the "Dashboard > Table Panel" screen. NOTE: this issue exists because of an incomplete fix for…
CVE-2020-12458 — CVSS 5.5 (medium): An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file…
CVE-2020-12459 — CVSS 5.5 (medium): In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml…
CVE-2020-11110 — CVSS 5.4 (medium): Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject…