We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
In GitHub Security Advisory GHSA-mx47-6497-3fv2, there is a vulnerability in the following Go packages or modules:
Cross references:
See doc/triage.md for instructions on how to triage this report.
id: GO-ID-PENDING modules: - module: github.com/grafana/grafana versions: - introduced: 5.3.0 fixed: 8.3.10 packages: - package: github.com/grafana/grafana - module: github.com/grafana/grafana versions: - introduced: 8.4.0 fixed: 8.4.10 packages: - package: github.com/grafana/grafana - module: github.com/grafana/grafana versions: - introduced: 8.5.0 fixed: 8.5.9 packages: - package: github.com/grafana/grafana - module: github.com/grafana/grafana versions: - introduced: 9.0.0 fixed: 9.0.3 packages: - package: github.com/grafana/grafana summary: Grafana account takeover via OAuth vulnerability in github.com/grafana/grafana cves: - CVE-2022-31107 ghsas: - GHSA-mx47-6497-3fv2 references: - advisory: https://github.com/grafana/grafana/security/advisories/GHSA-mx47-6497-3fv2 - web: https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10 - web: https://grafana.com/docs/grafana/next/release-notes/release-notes-8-5-9 - web: https://grafana.com/docs/grafana/next/release-notes/release-notes-9-0-3 - web: https://security.netapp.com/advisory/ntap-20220901-0010 notes: - fix: 'module merge error: could not merge versions of module github.com/grafana/grafana: invalid or non-canonical semver version (found 5.3)' source: id: GHSA-mx47-6497-3fv2
The text was updated successfully, but these errors were encountered:
Change https://go.dev/cl/590277 mentions this issue: data/reports: add 26 unreviewed reports
data/reports: add 26 unreviewed reports
Sorry, something went wrong.
69991d5
No branches or pull requests
In GitHub Security Advisory GHSA-mx47-6497-3fv2, there is a vulnerability in the following Go packages or modules:
Cross references:
See doc/triage.md for instructions on how to triage this report.
The text was updated successfully, but these errors were encountered: