Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/gperftools@1:2.7-9?arch=el8cp
Typerpm
Namespaceredhat
Namegperftools
Version1:2.7-9
Qualifiers
arch el8cp
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-pv34-th9b-37h6
vulnerability_id VCID-pv34-th9b-37h6
summary 
Grafana privilege escalation vulnerability
Grafana is an open-source platform for monitoring and observability. The vulnerability impacts instances with several organizations, and allows a user with Organization Admin permissions in one organization to change the permissions associated with Organization Viewer, Organization Editor and Organization Admin roles in all organizations.

It also allows an Organization Admin to assign or revoke any permissions that they have to any user globally.

This means that any Organization Admin can elevate their own permissions in any organization that they are already a member of, or elevate or restrict the permissions of any other user.

The vulnerability does not allow a user to become a member of an organization that they are not already a member of, or to add any other users to an organization that the current user is not a member of.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4822.json
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4822.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4822
reference_id
reference_type
scores
0
value 0.00281
scoring_system epss
scoring_elements 0.51557
published_at 2026-04-21T12:55:00Z
1
value 0.00281
scoring_system epss
scoring_elements 0.51578
published_at 2026-04-18T12:55:00Z
2
value 0.00281
scoring_system epss
scoring_elements 0.51569
published_at 2026-04-16T12:55:00Z
3
value 0.00281
scoring_system epss
scoring_elements 0.51526
published_at 2026-04-13T12:55:00Z
4
value 0.00281
scoring_system epss
scoring_elements 0.51538
published_at 2026-04-12T12:55:00Z
5
value 0.00281
scoring_system epss
scoring_elements 0.51559
published_at 2026-04-11T12:55:00Z
6
value 0.00281
scoring_system epss
scoring_elements 0.51463
published_at 2026-04-07T12:55:00Z
7
value 0.00281
scoring_system epss
scoring_elements 0.51517
published_at 2026-04-08T12:55:00Z
8
value 0.00281
scoring_system epss
scoring_elements 0.51504
published_at 2026-04-04T12:55:00Z
9
value 0.00281
scoring_system epss
scoring_elements 0.51476
published_at 2026-04-02T12:55:00Z
10
value 0.00281
scoring_system epss
scoring_elements 0.51515
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4822
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/grafana/grafana
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana
4
reference_url https://grafana.com/security/security-advisories/cve-2023-4822
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-16T18:09:06Z/
url https://grafana.com/security/security-advisories/cve-2023-4822
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-4822
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-4822
6
reference_url https://security.netapp.com/advisory/ntap-20231103-0008
reference_id
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231103-0008
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2239726
reference_id 2239726
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2239726
8
reference_url https://security.netapp.com/advisory/ntap-20231103-0008/
reference_id ntap-20231103-0008
reference_type
scores
0
value 6.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-16T18:09:06Z/
url https://security.netapp.com/advisory/ntap-20231103-0008/
9
reference_url https://access.redhat.com/errata/RHSA-2024:3925
reference_id RHSA-2024:3925
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:3925
fixed_packages
aliases CVE-2023-4822, GHSA-fw9c-75hh-89p6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pv34-th9b-37h6
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/gperftools@1:2.7-9%3Farch=el8cp