Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/grafana@6.7.4-3?arch=el8
Typerpm
Namespaceredhat
Namegrafana
Version6.7.4-3
Qualifiers
arch el8
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-amqf-ytjf-fydp
vulnerability_id VCID-amqf-ytjf-fydp
summary 
Grafana world readable configuration files
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files `/etc/grafana/grafana.ini` and `/etc/grafana/ldap.toml` (which contain a secret_key and a bind_password) are world readable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12459.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12459.json
1
reference_url https://access.redhat.com/security/cve/CVE-2020-12459
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2020-12459
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12459
reference_id
reference_type
scores
0
value 0.00088
scoring_system epss
scoring_elements 0.25103
published_at 2026-04-13T12:55:00Z
1
value 0.00088
scoring_system epss
scoring_elements 0.25156
published_at 2026-04-12T12:55:00Z
2
value 0.00088
scoring_system epss
scoring_elements 0.25198
published_at 2026-04-11T12:55:00Z
3
value 0.00088
scoring_system epss
scoring_elements 0.25184
published_at 2026-04-09T12:55:00Z
4
value 0.00088
scoring_system epss
scoring_elements 0.25138
published_at 2026-04-08T12:55:00Z
5
value 0.00088
scoring_system epss
scoring_elements 0.25068
published_at 2026-04-07T12:55:00Z
6
value 0.00088
scoring_system epss
scoring_elements 0.25113
published_at 2026-04-16T12:55:00Z
7
value 0.00088
scoring_system epss
scoring_elements 0.25104
published_at 2026-04-18T12:55:00Z
8
value 0.00088
scoring_system epss
scoring_elements 0.25074
published_at 2026-04-21T12:55:00Z
9
value 0.00088
scoring_system epss
scoring_elements 0.25295
published_at 2026-04-04T12:55:00Z
10
value 0.00088
scoring_system epss
scoring_elements 0.25257
published_at 2026-04-02T12:55:00Z
11
value 0.00088
scoring_system epss
scoring_elements 0.25177
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12459
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1827765
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1827765
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1829724
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1829724
5
reference_url https://github.com/grafana/grafana
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana
6
reference_url https://github.com/grafana/grafana/commit/102448040d5132460e3b0013e03ebedec0677e00
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/commit/102448040d5132460e3b0013e03ebedec0677e00
7
reference_url https://github.com/grafana/grafana/issues/8283
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/issues/8283
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-12459
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-12459
11
reference_url https://security.netapp.com/advisory/ntap-20200518-0004
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200518-0004
12
reference_url https://src.fedoraproject.org/rpms/grafana/c/fab93d67363eb0a9678d9faf160cc88237f26277
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://src.fedoraproject.org/rpms/grafana/c/fab93d67363eb0a9678d9faf160cc88237f26277
13
reference_url https://access.redhat.com/errata/RHSA-2020:2362
reference_id RHSA-2020:2362
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2362
14
reference_url https://access.redhat.com/errata/RHSA-2020:4682
reference_id RHSA-2020:4682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4682
fixed_packages
aliases CVE-2020-12459, GHSA-m25m-5778-fm22
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-amqf-ytjf-fydp
1
url VCID-drfs-tub9-zqgg
vulnerability_id VCID-drfs-tub9-zqgg
summary 
Grafana XSS via the OpenTSDB datasource
Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13430.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13430.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-13430
reference_id
reference_type
scores
0
value 0.00403
scoring_system epss
scoring_elements 0.60729
published_at 2026-04-01T12:55:00Z
1
value 0.00403
scoring_system epss
scoring_elements 0.60881
published_at 2026-04-11T12:55:00Z
2
value 0.00403
scoring_system epss
scoring_elements 0.6086
published_at 2026-04-09T12:55:00Z
3
value 0.00403
scoring_system epss
scoring_elements 0.60844
published_at 2026-04-08T12:55:00Z
4
value 0.00403
scoring_system epss
scoring_elements 0.60795
published_at 2026-04-07T12:55:00Z
5
value 0.00403
scoring_system epss
scoring_elements 0.60831
published_at 2026-04-04T12:55:00Z
6
value 0.00403
scoring_system epss
scoring_elements 0.60802
published_at 2026-04-02T12:55:00Z
7
value 0.00403
scoring_system epss
scoring_elements 0.6088
published_at 2026-04-21T12:55:00Z
8
value 0.00403
scoring_system epss
scoring_elements 0.60896
published_at 2026-04-18T12:55:00Z
9
value 0.00403
scoring_system epss
scoring_elements 0.60892
published_at 2026-04-16T12:55:00Z
10
value 0.00403
scoring_system epss
scoring_elements 0.6085
published_at 2026-04-13T12:55:00Z
11
value 0.00403
scoring_system epss
scoring_elements 0.60868
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-13430
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/advisories/GHSA-7m2x-qhrq-rp8h
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-7m2x-qhrq-rp8h
4
reference_url https://github.com/grafana/grafana
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana
5
reference_url https://github.com/grafana/grafana/pull/24539
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/pull/24539
6
reference_url https://github.com/grafana/grafana/releases/tag/v7.0.0
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/releases/tag/v7.0.0
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-13430
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-13430
8
reference_url https://security.netapp.com/advisory/ntap-20200528-0003
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200528-0003
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1848108
reference_id 1848108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1848108
10
reference_url https://access.redhat.com/errata/RHSA-2020:2796
reference_id RHSA-2020:2796
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2796
11
reference_url https://access.redhat.com/errata/RHSA-2020:2861
reference_id RHSA-2020:2861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2861
12
reference_url https://access.redhat.com/errata/RHSA-2020:4682
reference_id RHSA-2020:4682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4682
fixed_packages
aliases CVE-2020-13430, GHSA-7m2x-qhrq-rp8h
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-drfs-tub9-zqgg
2
url VCID-ed2w-eexq-kuam
vulnerability_id VCID-ed2w-eexq-kuam
summary grafana: XSS annotation popup vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12052.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12052.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12052
reference_id
reference_type
scores
0
value 0.00716
scoring_system epss
scoring_elements 0.7233
published_at 2026-04-01T12:55:00Z
1
value 0.00716
scoring_system epss
scoring_elements 0.72336
published_at 2026-04-02T12:55:00Z
2
value 0.00716
scoring_system epss
scoring_elements 0.72355
published_at 2026-04-04T12:55:00Z
3
value 0.00716
scoring_system epss
scoring_elements 0.72331
published_at 2026-04-07T12:55:00Z
4
value 0.00716
scoring_system epss
scoring_elements 0.7237
published_at 2026-04-08T12:55:00Z
5
value 0.00716
scoring_system epss
scoring_elements 0.72383
published_at 2026-04-09T12:55:00Z
6
value 0.00716
scoring_system epss
scoring_elements 0.72406
published_at 2026-04-11T12:55:00Z
7
value 0.00716
scoring_system epss
scoring_elements 0.7239
published_at 2026-04-12T12:55:00Z
8
value 0.00716
scoring_system epss
scoring_elements 0.72377
published_at 2026-04-13T12:55:00Z
9
value 0.00716
scoring_system epss
scoring_elements 0.72419
published_at 2026-04-16T12:55:00Z
10
value 0.00716
scoring_system epss
scoring_elements 0.72428
published_at 2026-04-18T12:55:00Z
11
value 0.00716
scoring_system epss
scoring_elements 0.72416
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12052
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1848089
reference_id 1848089
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1848089
4
reference_url https://access.redhat.com/errata/RHSA-2020:2796
reference_id RHSA-2020:2796
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2796
5
reference_url https://access.redhat.com/errata/RHSA-2020:2861
reference_id RHSA-2020:2861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2861
6
reference_url https://access.redhat.com/errata/RHSA-2020:4298
reference_id RHSA-2020:4298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4298
7
reference_url https://access.redhat.com/errata/RHSA-2020:4682
reference_id RHSA-2020:4682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4682
fixed_packages
aliases CVE-2020-12052
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ed2w-eexq-kuam
3
url VCID-fph7-rrjp-uqa1
vulnerability_id VCID-fph7-rrjp-uqa1
summary 
Grafana XSS in header column rename
Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00083.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00009.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00017.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12245.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12245.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12245
reference_id
reference_type
scores
0
value 0.03189
scoring_system epss
scoring_elements 0.8697
published_at 2026-04-08T12:55:00Z
1
value 0.03189
scoring_system epss
scoring_elements 0.8695
published_at 2026-04-07T12:55:00Z
2
value 0.03189
scoring_system epss
scoring_elements 0.86957
published_at 2026-04-04T12:55:00Z
3
value 0.03189
scoring_system epss
scoring_elements 0.86938
published_at 2026-04-02T12:55:00Z
4
value 0.03189
scoring_system epss
scoring_elements 0.86928
published_at 2026-04-01T12:55:00Z
5
value 0.03189
scoring_system epss
scoring_elements 0.86999
published_at 2026-04-18T12:55:00Z
6
value 0.03189
scoring_system epss
scoring_elements 0.86995
published_at 2026-04-16T12:55:00Z
7
value 0.03189
scoring_system epss
scoring_elements 0.8698
published_at 2026-04-13T12:55:00Z
8
value 0.03189
scoring_system epss
scoring_elements 0.86986
published_at 2026-04-12T12:55:00Z
9
value 0.03189
scoring_system epss
scoring_elements 0.86991
published_at 2026-04-11T12:55:00Z
10
value 0.03189
scoring_system epss
scoring_elements 0.86978
published_at 2026-04-09T12:55:00Z
11
value 0.03189
scoring_system epss
scoring_elements 0.86997
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12245
6
reference_url https://community.grafana.com/t/release-notes-v6-7-x/27119
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://community.grafana.com/t/release-notes-v6-7-x/27119
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/grafana/grafana
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana
9
reference_url https://github.com/grafana/grafana/blob/master/CHANGELOG.md#673-2020-04-23
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/blob/master/CHANGELOG.md#673-2020-04-23
10
reference_url https://github.com/grafana/grafana/commit/0284747c88eb9435899006d26ffaf65f89dec88e
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/commit/0284747c88eb9435899006d26ffaf65f89dec88e
11
reference_url https://github.com/grafana/grafana/pull/23816
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/pull/23816
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-12245
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-12245
13
reference_url https://security.netapp.com/advisory/ntap-20200511-0001
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200511-0001
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1848643
reference_id 1848643
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1848643
15
reference_url https://access.redhat.com/errata/RHSA-2020:2796
reference_id RHSA-2020:2796
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2796
16
reference_url https://access.redhat.com/errata/RHSA-2020:2861
reference_id RHSA-2020:2861
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2861
17
reference_url https://access.redhat.com/errata/RHSA-2020:4298
reference_id RHSA-2020:4298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4298
18
reference_url https://access.redhat.com/errata/RHSA-2020:4682
reference_id RHSA-2020:4682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4682
fixed_packages
aliases CVE-2020-12245, GHSA-ccmg-w4xm-p28v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fph7-rrjp-uqa1
4
url VCID-snvt-p8kr-2ucq
vulnerability_id VCID-snvt-p8kr-2ucq
summary 
Grafana information disclosure
An information-disclosure flaw was found in Grafana. The database directory `/var/lib/grafana` and database file `/var/lib/grafana/grafana.db` are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12458.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12458.json
1
reference_url https://access.redhat.com/security/cve/CVE-2020-12458
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2020-12458
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-12458
reference_id
reference_type
scores
0
value 0.0007
scoring_system epss
scoring_elements 0.21324
published_at 2026-04-13T12:55:00Z
1
value 0.0007
scoring_system epss
scoring_elements 0.21379
published_at 2026-04-12T12:55:00Z
2
value 0.0007
scoring_system epss
scoring_elements 0.21418
published_at 2026-04-11T12:55:00Z
3
value 0.0007
scoring_system epss
scoring_elements 0.21302
published_at 2026-04-21T12:55:00Z
4
value 0.0007
scoring_system epss
scoring_elements 0.2127
published_at 2026-04-07T12:55:00Z
5
value 0.0007
scoring_system epss
scoring_elements 0.21517
published_at 2026-04-04T12:55:00Z
6
value 0.0007
scoring_system epss
scoring_elements 0.21463
published_at 2026-04-02T12:55:00Z
7
value 0.0007
scoring_system epss
scoring_elements 0.21307
published_at 2026-04-01T12:55:00Z
8
value 0.0007
scoring_system epss
scoring_elements 0.21327
published_at 2026-04-18T12:55:00Z
9
value 0.0007
scoring_system epss
scoring_elements 0.21319
published_at 2026-04-16T12:55:00Z
10
value 0.0007
scoring_system epss
scoring_elements 0.2141
published_at 2026-04-09T12:55:00Z
11
value 0.0007
scoring_system epss
scoring_elements 0.21349
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-12458
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1827765
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1827765
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/grafana/grafana
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana
6
reference_url https://github.com/grafana/grafana/commit/102448040d5132460e3b0013e03ebedec0677e00
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/commit/102448040d5132460e3b0013e03ebedec0677e00
7
reference_url https://github.com/grafana/grafana/issues/8283
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/issues/8283
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CTQCKJZZYXMCSHJFZZ3YXEO5NUBANGZS
9
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEBCIEVSYIDDCA7FTRS2IFUOYLIQU34A
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-12458
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-12458
11
reference_url https://security.netapp.com/advisory/ntap-20200518-0001
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200518-0001
12
reference_url https://access.redhat.com/errata/RHSA-2020:4682
reference_id RHSA-2020:4682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4682
fixed_packages
aliases CVE-2020-12458, GHSA-3jq7-8ph8-63xm
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-snvt-p8kr-2ucq
5
url VCID-txvc-2hvr-nkaj
vulnerability_id VCID-txvc-2hvr-nkaj
summary 
Grafana stored XSS
Grafana through 6.7.1 allows stored XSS.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11110.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11110.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-11110
reference_id
reference_type
scores
0
value 0.54022
scoring_system epss
scoring_elements 0.98019
published_at 2026-04-18T12:55:00Z
1
value 0.54022
scoring_system epss
scoring_elements 0.98016
published_at 2026-04-21T12:55:00Z
2
value 0.6164
scoring_system epss
scoring_elements 0.98329
published_at 2026-04-09T12:55:00Z
3
value 0.6164
scoring_system epss
scoring_elements 0.98333
published_at 2026-04-13T12:55:00Z
4
value 0.6164
scoring_system epss
scoring_elements 0.98332
published_at 2026-04-11T12:55:00Z
5
value 0.6164
scoring_system epss
scoring_elements 0.98324
published_at 2026-04-07T12:55:00Z
6
value 0.71419
scoring_system epss
scoring_elements 0.98715
published_at 2026-04-04T12:55:00Z
7
value 0.71419
scoring_system epss
scoring_elements 0.98712
published_at 2026-04-02T12:55:00Z
8
value 0.71419
scoring_system epss
scoring_elements 0.98711
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-11110
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/grafana/grafana
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana
4
reference_url https://github.com/grafana/grafana/blob/master/CHANGELOG.md
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/blob/master/CHANGELOG.md
5
reference_url https://github.com/grafana/grafana/commit/fb114a75241aaef4c08581b42509c750738b768a
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/commit/fb114a75241aaef4c08581b42509c750738b768a
6
reference_url https://github.com/grafana/grafana/pull/23254
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/pull/23254
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-11110
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-11110
8
reference_url https://security.netapp.com/advisory/ntap-20200810-0002
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200810-0002
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1861044
reference_id 1861044
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1861044
10
reference_url https://access.redhat.com/errata/RHSA-2020:4298
reference_id RHSA-2020:4298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4298
11
reference_url https://access.redhat.com/errata/RHSA-2020:4682
reference_id RHSA-2020:4682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4682
fixed_packages
aliases CVE-2020-11110, GHSA-xr3x-62qw-vc4w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-txvc-2hvr-nkaj
6
url VCID-w8d1-se9j-e7ew
vulnerability_id VCID-w8d1-se9j-e7ew
summary 
Grafana Arbitrary File Read
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19499.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19499.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-19499
reference_id
reference_type
scores
0
value 0.4386
scoring_system epss
scoring_elements 0.97542
published_at 2026-04-21T12:55:00Z
1
value 0.4386
scoring_system epss
scoring_elements 0.97541
published_at 2026-04-18T12:55:00Z
2
value 0.4386
scoring_system epss
scoring_elements 0.97525
published_at 2026-04-09T12:55:00Z
3
value 0.4386
scoring_system epss
scoring_elements 0.97539
published_at 2026-04-16T12:55:00Z
4
value 0.4386
scoring_system epss
scoring_elements 0.97531
published_at 2026-04-13T12:55:00Z
5
value 0.4386
scoring_system epss
scoring_elements 0.97528
published_at 2026-04-11T12:55:00Z
6
value 0.4386
scoring_system epss
scoring_elements 0.97507
published_at 2026-04-01T12:55:00Z
7
value 0.4386
scoring_system epss
scoring_elements 0.97514
published_at 2026-04-02T12:55:00Z
8
value 0.4386
scoring_system epss
scoring_elements 0.97517
published_at 2026-04-04T12:55:00Z
9
value 0.4386
scoring_system epss
scoring_elements 0.97518
published_at 2026-04-07T12:55:00Z
10
value 0.4386
scoring_system epss
scoring_elements 0.97524
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-19499
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/grafana/grafana
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana
4
reference_url https://github.com/grafana/grafana/blob/master/CHANGELOG.md#644-2019-11-06
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/blob/master/CHANGELOG.md#644-2019-11-06
5
reference_url https://github.com/grafana/grafana/commit/19dbd27c5caa1a160bd5854b65a4e1fe2a8a4f00
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/commit/19dbd27c5caa1a160bd5854b65a4e1fe2a8a4f00
6
reference_url https://github.com/grafana/grafana/pull/20192
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/pull/20192
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-19499
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-19499
8
reference_url https://security.netapp.com/advisory/ntap-20200918-0003
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P
1
value 5.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200918-0003
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1873615
reference_id 1873615
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1873615
10
reference_url https://access.redhat.com/errata/RHSA-2020:4682
reference_id RHSA-2020:4682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4682
fixed_packages
aliases CVE-2019-19499, GHSA-4pwp-cx67-5cpx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w8d1-se9j-e7ew
7
url VCID-y46u-m8e4-9qcn
vulnerability_id VCID-y46u-m8e4-9qcn
summary 
Grafana XSS via a column style
Grafana has a XSS vulnerability via a column style on the "Dashboard > Table Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18624.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18624.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-18624
reference_id
reference_type
scores
0
value 0.00563
scoring_system epss
scoring_elements 0.68399
published_at 2026-04-21T12:55:00Z
1
value 0.00563
scoring_system epss
scoring_elements 0.68421
published_at 2026-04-18T12:55:00Z
2
value 0.00563
scoring_system epss
scoring_elements 0.68407
published_at 2026-04-16T12:55:00Z
3
value 0.00563
scoring_system epss
scoring_elements 0.68369
published_at 2026-04-13T12:55:00Z
4
value 0.00563
scoring_system epss
scoring_elements 0.68402
published_at 2026-04-12T12:55:00Z
5
value 0.00563
scoring_system epss
scoring_elements 0.68415
published_at 2026-04-11T12:55:00Z
6
value 0.00563
scoring_system epss
scoring_elements 0.68371
published_at 2026-04-08T12:55:00Z
7
value 0.00563
scoring_system epss
scoring_elements 0.6832
published_at 2026-04-07T12:55:00Z
8
value 0.00563
scoring_system epss
scoring_elements 0.68343
published_at 2026-04-04T12:55:00Z
9
value 0.00563
scoring_system epss
scoring_elements 0.68324
published_at 2026-04-02T12:55:00Z
10
value 0.00563
scoring_system epss
scoring_elements 0.68388
published_at 2026-04-09T12:55:00Z
11
value 0.00563
scoring_system epss
scoring_elements 0.68304
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-18624
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/grafana/grafana
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana
4
reference_url https://github.com/grafana/grafana/commit/0284747c88eb9435899006d26ffaf65f89dec88e
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/commit/0284747c88eb9435899006d26ffaf65f89dec88e
5
reference_url https://github.com/grafana/grafana/pull/11813
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/pull/11813
6
reference_url https://github.com/grafana/grafana/pull/23816
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/pull/23816
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-18624
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-18624
8
reference_url https://security.netapp.com/advisory/ntap-20200608-0008
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20200608-0008
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1850572
reference_id 1850572
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1850572
10
reference_url https://access.redhat.com/errata/RHSA-2020:4298
reference_id RHSA-2020:4298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4298
11
reference_url https://access.redhat.com/errata/RHSA-2020:4682
reference_id RHSA-2020:4682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4682
fixed_packages
aliases CVE-2018-18624, GHSA-9hv8-4frf-cprf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y46u-m8e4-9qcn
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/grafana@6.7.4-3%3Farch=el8