Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
grafana loki vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2023-36649
Insertion of sensitive information in the centralized (Grafana) logging system in ProLion CryptoSpike 3.0.15P2 allows remote malicious users to impersonate other users in web management and the REST API by reading JWT tokens from logs (as a Granafa authenticated user) or from the...
Prolion Cryptospike 3.0.15
5.3
CVSSv3
CVE-2021-36156
An issue exists in Grafana Loki up to and including 2.2.1. The header value X-Scope-OrgID is used to construct file paths for rules files, and if crafted to conduct directory traversal such as ae ../../sensitive/path/in/deployment pathname, then Loki will attempt to parse a rules...
Grafana Loki
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started