[RHSA-2024:5291] grafana security update
Severity
Moderate
Affected Packages
8
CVEs
3
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Security Fix(es):
golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)
golang: archive/zip: Incorrect handling of certain ZIP files (CVE-2024-24789)
golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Package | Affected Version |
---|---|
pkg:rpm/redhat/grafana?arch=x86_64&distro=redhat-8.10 | < 9.2.10-17.el8_10 |
pkg:rpm/redhat/grafana?arch=s390x&distro=redhat-8.10 | < 9.2.10-17.el8_10 |
pkg:rpm/redhat/grafana?arch=ppc64le&distro=redhat-8.10 | < 9.2.10-17.el8_10 |
pkg:rpm/redhat/grafana?arch=aarch64&distro=redhat-8.10 | < 9.2.10-17.el8_10 |
pkg:rpm/redhat/grafana-selinux?arch=x86_64&distro=redhat-8.10 | < 9.2.10-17.el8_10 |
pkg:rpm/redhat/grafana-selinux?arch=s390x&distro=redhat-8.10 | < 9.2.10-17.el8_10 |
pkg:rpm/redhat/grafana-selinux?arch=ppc64le&distro=redhat-8.10 | < 9.2.10-17.el8_10 |
pkg:rpm/redhat/grafana-selinux?arch=aarch64&distro=redhat-8.10 | < 9.2.10-17.el8_10 |
- ID
- RHSA-2024:5291
- Severity
- moderate
- URL
- https://access.redhat.com/errata/RHSA-2024:5291
- Published
-
2024-08-13T00:00:00
(5 weeks ago) - Modified
-
2024-08-13T00:00:00
(5 weeks ago) - Rights
- Copyright 2024 Red Hat, Inc.
- Other Advisories
-
- ALAS2-2024-2576
- ALAS2-2024-2618
- ALPINE:CVE-2024-24788
- ALPINE:CVE-2024-24789
- ALPINE:CVE-2024-24790
- ALSA-2024:4212
- ALSA-2024:4237
- ALSA-2024:5258
- ALSA-2024:5291
- ELSA-2024-4212
- ELSA-2024-4237
- ELSA-2024-5258
- ELSA-2024-5291
- FEDORA-2024-15039ba9f9
- FEDORA-2024-35147eb6ad
- FEDORA-2024-c83208238d
- FREEBSD:219AAA1E-2AFF-11EF-AB37-5404A68AD561
- FREEBSD:A5C64F6F-2AF3-11EF-A77E-901B0E9408DC
- FREEBSD:D3847EBA-114B-11EF-9C21-901B0E9408DC
- FREEBSD:F0BA7008-2BBD-11EF-B4CA-814A3D504243
- GLSA-202408-07
- GO-2024-2824
- GO-2024-2887
- GO-2024-2888
- RHSA-2024:4212
- RHSA-2024:4237
- RHSA-2024:5258
- RLSA-2024:4212
- SUSE-SU-2024:1573-1
- SUSE-SU-2024:1587-1
- SUSE-SU-2024:1935-1
- SUSE-SU-2024:1936-1
- SUSE-SU-2024:1969-1
- SUSE-SU-2024:1970-1
- SUSE-SU-2024:3089-1
- USN-6886-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 2279814 | https://bugzilla.redhat.com/2279814 | |
Bugzilla | 2292668 | https://bugzilla.redhat.com/2292668 | |
Bugzilla | 2292787 | https://bugzilla.redhat.com/2292787 | |
RHSA | RHSA-2024:5291 | https://access.redhat.com/errata/RHSA-2024:5291 | |
CVE | CVE-2024-24788 | https://access.redhat.com/security/cve/CVE-2024-24788 | |
CVE | CVE-2024-24789 | https://access.redhat.com/security/cve/CVE-2024-24789 | |
CVE | CVE-2024-24790 | https://access.redhat.com/security/cve/CVE-2024-24790 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/grafana?arch=x86_64&distro=redhat-8.10 | redhat | grafana | < 9.2.10-17.el8_10 | redhat-8.10 | x86_64 | |
Affected | pkg:rpm/redhat/grafana?arch=s390x&distro=redhat-8.10 | redhat | grafana | < 9.2.10-17.el8_10 | redhat-8.10 | s390x | |
Affected | pkg:rpm/redhat/grafana?arch=ppc64le&distro=redhat-8.10 | redhat | grafana | < 9.2.10-17.el8_10 | redhat-8.10 | ppc64le | |
Affected | pkg:rpm/redhat/grafana?arch=aarch64&distro=redhat-8.10 | redhat | grafana | < 9.2.10-17.el8_10 | redhat-8.10 | aarch64 | |
Affected | pkg:rpm/redhat/grafana-selinux?arch=x86_64&distro=redhat-8.10 | redhat | grafana-selinux | < 9.2.10-17.el8_10 | redhat-8.10 | x86_64 | |
Affected | pkg:rpm/redhat/grafana-selinux?arch=s390x&distro=redhat-8.10 | redhat | grafana-selinux | < 9.2.10-17.el8_10 | redhat-8.10 | s390x | |
Affected | pkg:rpm/redhat/grafana-selinux?arch=ppc64le&distro=redhat-8.10 | redhat | grafana-selinux | < 9.2.10-17.el8_10 | redhat-8.10 | ppc64le | |
Affected | pkg:rpm/redhat/grafana-selinux?arch=aarch64&distro=redhat-8.10 | redhat | grafana-selinux | < 9.2.10-17.el8_10 | redhat-8.10 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |