Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
grafana loki vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2021-36156
An issue exists in Grafana Loki up to and including 2.2.1. The header value X-Scope-OrgID is used to construct file paths for rules files, and if crafted to conduct directory traversal such as ae ../../sensitive/path/in/deployment pathname, then Loki will attempt to parse a rules...
Grafana Loki
9.1
CVSSv3
CVE-2023-36649
Insertion of sensitive information in the centralized (Grafana) logging system in ProLion CryptoSpike 3.0.15P2 allows remote malicious users to impersonate other users in web management and the REST API by reading JWT tokens from logs (as a Granafa authenticated user) or from the...
Prolion Cryptospike 3.0.15
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started