exploitDog

openSUSE-SU-2021:3175-1

Опубликовано: 21 сент. 2021

Источник: suse-cvrf

Описание

Security update for grafana-piechart-panel

This update for grafana-piechart-panel fixes the following issues:

CVE-2020-13429: Fixed XSS via the Values Header option in the piechart-panel (bsc#1172125).

Список пакетов

openSUSE Leap 15.3

grafana-piechart-panel-1.6.1-3.6.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JN7UM2F5HQYAKPOO75CIJNTXDGDU6ZTJ/
E-Mail link for openSUSE-SU-2021:3175-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1172125
SUSE Bug 1172125
https://www.suse.com/security/cve/CVE-2020-13429/
SUSE CVE CVE-2020-13429 page

Описание

legend.ts in the piechart-panel (aka Pie Chart Panel) plugin before 1.5.0 for Grafana allows XSS via the Values Header (aka legend header) option.

Затронутые продукты

openSUSE Leap 15.3:grafana-piechart-panel-1.6.1-3.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-13429.html
CVE-2020-13429
https://bugzilla.suse.com/1172125
SUSE Bug 1172125

Уязвимость openSUSE-SU-2021:3175-1