graphite-web@0.9.9 vulnerabilities
Enterprise scalable realtime graphing
-
latest version
1.1.10
-
first published
15 years ago
-
latest version published
3 years ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the graphite-web package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
graphite-web is a real-time graphing system. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the "Template Name" input at How to fix Cross-site Scripting (XSS)? A fix was pushed into the |
[0,)
|
graphite-web is a real-time graphing system. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the "Absolute Time Range" input at How to fix Cross-site Scripting (XSS)? A fix was pushed into the |
[0,)
|
graphite-web is a real-time graphing system. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the "Relative Time Range" input at How to fix Cross-site Scripting (XSS)? A fix was pushed into the |
[0,)
|
graphite-web is a real-time graphing system. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via How to fix Cross-site Scripting (XSS)? Upgrade |
[,1.1.8)
|
graphite-web is a real-time graphing system. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) in How to fix Server-side Request Forgery (SSRF)? Upgrade |
[,1.1.6)
|
|
[0.9.5,0.9.11)
|
|
[0.9.5,0.9.11)
|
Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
[,0.9.11)
|