RSS   Vulnerabilities for 'Graphite'   RSS

2013-09-27
 
CVE-2013-5093

CWE-94
 

 
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object.

 
2013-09-23
 
CVE-2013-5903

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in Graphite before 0.9.11 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 


Copyright 2024, cxsecurity.com

 

Back to Top