Grafana Data Source Deletion Vulnerability (CVE-2024-1442) still present after upgrade to 10.1.8

vishalupadhyay007 · March 28, 2024, 9:56am

Hello Community,

Issue :- Grafana Data Source Deletion Vulnerability (CVE-2024-1442) still present after upgrade to 10.1.8.

Expectation :- How to mitigate as upgrade already in place as per Blog Grafana security release: Medium severity security fix for CVE-2024-1442 | Grafana Labs

Kindly seeking a urgent assistance here we are using Grafana OSS with 10.1.8

usman.ahmad · March 28, 2024, 10:00am

Hi @vishalupadhyay007,

Thanks for opening this post.

The community forum is not the official place for reporting bugs n security issues as described in this thread.

We would appreciate it if you kindly report it to our official contact point for Security issues using this link.

Provide all the information (you can simply copy/paste your data + screenshot from here to there) so that the team have all the information in advance.

Thank you

Topic		Replies	Views
Grafana 8.1.6 and 7.5.11 Security Update Security Announcements	0	1147	October 5, 2021
Grafana 8.3.2, 7.5.12 Security Update Security Announcements	0	1256	December 10, 2021
Changelog: Updates in Grafana 8.5.27 Releases	0	656	June 23, 2023
[Grafana library vulnerability] : Vulnerability in Grafana's Library nodejs #CVE-2024-6485 Grafana alerting , query-help	0	71	January 6, 2025
Logs4j CVE-2021-44228 Vulnerability Configuration	2	2192	December 15, 2021

Grafana Data Source Deletion Vulnerability (CVE-2024-1442) still present after upgrade to 10.1.8

Related topics