Security
Headlines

Headlines Latest CVEs

Headline

GHSA-wxcc-2f3q-4h58: Grafana Alerting VictorOps integration could be exposed to users with Viewer permission

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15

7 hours ago

GitHub Advisory Database
GitHub Reviewed
CVE-2024-11741

Grafana Alerting VictorOps integration could be exposed to users with Viewer permission

Moderate severity GitHub Reviewed Published Jan 31, 2025 to the GitHub Advisory Database • Updated Jan 31, 2025

Package

gomod github.com/grafana/grafana (Go)

Affected versions

= 11.4.0

>= 11.3.0, < 11.3.3

>= 11.2.0, < 11.2.6

>= 11.1.0, < 11.1.11

>= 11.0.0, < 11.0.11

< 10.4.15

Patched versions

11.4.1

11.3.3

11.2.6

11.1.11

11.0.11

10.4.15

Published to the GitHub Advisory Database

Jan 31, 2025

Last updated

Jan 31, 2025

ghsa: Latest News

GHSA-wxcc-2f3q-4h58: Grafana Alerting VictorOps integration could be exposed to users with Viewer permission

7 hours ago

GHSA-qr6x-62gq-4ccp: WildFly improper RBAC permission

8 hours ago

GHSA-88m4-h43f-wx84: PMD Designer's release key passphrase (GPG) available on Maven Central in cleartext

8 hours ago

GHSA-hj49-h7fq-px5h: Soundness issue with Plonky2 look up tables

1 day ago

GHSA-47g2-qmh2-749v: Argo CD does not scrub secret values from patch errors

1 day ago