Graphite Project Graphite — known CVE vulnerabilities
Every CVE whose affected-product data names Graphite Project Graphite, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2017-18638 — CVSS 7.5 (high): send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint…
CVE-2013-5942 — CVSS 6.8 (medium): Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted…
CVE-2013-5093 — CVSS 6.8 (medium): The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely…
CVE-2013-5943 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML…
CVE-2022-4728 — CVSS 3.5 (low): A vulnerability has been found in Graphite Web and classified as problematic. This vulnerability affects unknown code of the component…
CVE-2022-4729 — CVSS 3.5 (low): A vulnerability was found in Graphite Web and classified as problematic. This issue affects some unknown processing of the component…
CVE-2022-4730 — CVSS 3.5 (low): A vulnerability was found in Graphite Web. It has been classified as problematic. Affected is an unknown function of the component Absolute…