| CVE-2013-5093 |
medium |
— |
7.8 |
|
|
|
13y ago |
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a … |
| CVE-2013-5942 |
medium |
— |
6.8 |
|
|
|
13y ago |
Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to (1) remote_storage.py, (2) st… |
| CVE-2013-5943 |
medium |
— |
4.3 |
|
|
|
13y ago |
Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2022-4730 |
unknown |
— |
— |
|
|
|
4y ago |
Graphite Web Cross-site Scripting vulnerability |
| CVE-2022-4728 |
unknown |
— |
— |
|
|
|
4y ago |
A vulnerability has been found in Graphite Web and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to cross site scripting. … |
| CVE-2022-4729 |
unknown |
— |
— |
|
|
|
4y ago |
Graphite Web Cross-site Scripting vulnerability |
| CVE-2017-18638 |
unknown |
— |
— |
|
|
|
7y ago |
send_email in graphite-web/webapp/graphite/composer/views.py in Graphite through 1.1.5 is vulnerable to SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server r… |
