VulnerableCode Package Details - pkg:pypi/graphite-web@1.1.6

Search for packages

Vulnerability	Summary	Fixed by
VCID-axe7-qp46-rqc9 Aliases: CVE-2022-4730 GHSA-m973-4vpc-x43c	A vulnerability was found in Graphite Web. It has been classified as problematic. Affected is an unknown function of the component Absolute Time Range Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216744.	There are no reported fixed by versions.
VCID-nnux-k7r5-vqez Aliases: CVE-2022-4729 GHSA-q99p-78hp-xg5c	A vulnerability was found in Graphite Web and classified as problematic. This issue affects some unknown processing of the component Template Name Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216743.	There are no reported fixed by versions.
VCID-u2mw-71gv-jqh2 Aliases: CVE-2022-4728 GHSA-3c5x-4hvx-qrrr	A vulnerability has been found in Graphite Web and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. VDB-216742 is the identifier assigned to this vulnerability.	There are no reported fixed by versions.

Vulnerability

Summary

Fixed by

VCID-axe7-qp46-rqc9
Aliases:
CVE-2022-4730
GHSA-m973-4vpc-x43c

A vulnerability was found in Graphite Web. It has been classified as problematic. Affected is an unknown function of the component Absolute Time Range Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-216744.

There are no reported fixed by versions.

VCID-nnux-k7r5-vqez
Aliases:
CVE-2022-4729
GHSA-q99p-78hp-xg5c

A vulnerability was found in Graphite Web and classified as problematic. This issue affects some unknown processing of the component Template Name Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216743.

There are no reported fixed by versions.

VCID-u2mw-71gv-jqh2
Aliases:
CVE-2022-4728
GHSA-3c5x-4hvx-qrrr

A vulnerability has been found in Graphite Web and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. VDB-216742 is the identifier assigned to this vulnerability.

There are no reported fixed by versions.

Vulnerability	Summary	Aliases
VCID-u2dg-vem3-jbb8		CVE-2017-18638 GHSA-vfj6-275q-4pvm PYSEC-2019-151

Vulnerability

Summary

Aliases

VCID-u2dg-vem3-jbb8

CVE-2017-18638
GHSA-vfj6-275q-4pvm
PYSEC-2019-151

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-13T15:06:49.851341+00:00	GitLab Importer	Fixing	VCID-u2dg-vem3-jbb8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/graphite-web/CVE-2017-18638.yml	38.6.0
2026-06-12T18:42:56.911183+00:00	GitLab Importer	Affected by	VCID-u2mw-71gv-jqh2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/graphite-web/CVE-2022-4728.yml	38.6.0
2026-06-12T18:42:54.053624+00:00	GitLab Importer	Affected by	VCID-nnux-k7r5-vqez	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/graphite-web/CVE-2022-4729.yml	38.6.0
2026-06-12T18:42:53.165463+00:00	GitLab Importer	Affected by	VCID-axe7-qp46-rqc9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/graphite-web/CVE-2022-4730.yml	38.6.0
2026-06-12T08:10:32.822506+00:00	GithubOSV Importer	Fixing	VCID-u2dg-vem3-jbb8	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/10/GHSA-vfj6-275q-4pvm/GHSA-vfj6-275q-4pvm.json	38.6.0
2026-06-12T04:02:58.208658+00:00	Pypa Importer	Fixing	VCID-u2dg-vem3-jbb8	https://github.com/pypa/advisory-database/blob/main/vulns/graphite-web/PYSEC-2019-151.yaml	38.6.0
2026-06-11T20:44:46.795610+00:00	PyPI Importer	Fixing	VCID-u2dg-vem3-jbb8	https://osv-vulnerabilities.storage.googleapis.com/PyPI/all.zip	38.6.0
2026-06-11T20:25:34.838893+00:00	GHSA Importer	Fixing	VCID-u2dg-vem3-jbb8	https://github.com/advisories/GHSA-vfj6-275q-4pvm	38.6.0