[Git][security-tracker-team/security-tracker][master] Add CVE-2024-6322/grafana

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7fce0434 by Salvatore Bonaccorso at 2024-08-21T09:49:33+02:00
Add CVE-2024-6322/grafana

For reviewers: Note that the only reference linked in the CVE gives a
404, so it's not clear if its actuallly affecting src:grafana, only
Grafana enterprise or something else.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -109,7 +109,7 @@ CVE-2024-6377 (A reflected Cross-site Scripting (XSS) vulnerability affecting 3D
 CVE-2024-6337 (An Incorrect Authorization vulnerability was identified in GitHub Ente ...)
 	NOT-FOR-US: GitHub Enterprise Server
 CVE-2024-6322 (Access control for plugin data sources protected by the ReqActions jso ...)
-	TODO: check
+	- grafana <removed>
 CVE-2024-43409 (Ghost is a Node.js content management system. Improper authentication  ...)
 	NOT-FOR-US: Ghost
 CVE-2024-43408 (Discourse Placeholder Forms will let you build dynamic documentation.  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fce0434d9b80528add72b48cd416471cc423d17

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fce0434d9b80528add72b48cd416471cc423d17
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240821/28cb55c3/attachment.htm>