Back to bug 2104365
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Avinash Hanwate | 2022-07-06 04:25:46 UTC | CC | security-response-team | |
| Avinash Hanwate | 2022-07-06 04:27:38 UTC | Blocks | 2104176 | |
| TEJ RATHI | 2022-07-07 09:48:36 UTC | CC | amuller, anpicker, bmontgom, eparis, gparvin, jburrell, jramanat, jwendell, njean, nstielau, ovanders, pahickey, rcernich, spasquie, sponnaga, stcannon | |
| Anten Skrabec | 2022-07-13 21:37:32 UTC | CC | vkumar | |
| Anten Skrabec | 2022-07-13 21:40:53 UTC | Depends On | 2106926, 2106928, 2106927, 2106932, 2106924, 2106931, 2106923, 2106929, 2106925, 2106930 | |
| Group | team ocp_embargoes | |||
| Sandipan Roy | 2022-07-14 13:38:31 UTC | Depends On | 2107186, 2107183, 2107185, 2107188, 2107181, 2107184, 2107187 | |
| Avinash Hanwate | 2022-07-15 03:41:28 UTC | Group | qe_staff, security, team ocp_embargoes | |
| CC | grafana-maint, mgoodwin | |||
| Summary | EMBARGOED CVE-2022-31097 grafana: stored XSS vulnerability | CVE-2022-31097 grafana: stored XSS vulnerability | ||
| Deadline | 2022-07-14 | |||
| Avinash Hanwate | 2022-07-15 03:59:01 UTC | Fixed In Version | Grafana 9.0.3, 8.5.9, 8.4.10, and 8.3.10 | |
| Avinash Hanwate | 2022-07-15 04:01:28 UTC | Fixed In Version | Grafana 9.0.3, 8.5.9, 8.4.10, and 8.3.10 | Grafana 9.0.3, Grafana 8.5.9, Grafana 8.4.10, Grafana 8.3.10 |
| Avinash Hanwate | 2022-07-15 04:06:16 UTC | Doc Text | An XSS vulnerability was found in the Unified Alerting feature of Grafana. This stored XSS could be used to elevate privileges from Editor to Admin. | |
| Avinash Hanwate | 2022-07-15 04:07:41 UTC | Depends On | 2107436 | |
| RaTasha Tillery-Smith | 2022-07-15 13:39:39 UTC | Doc Text | An XSS vulnerability was found in the Unified Alerting feature of Grafana. This stored XSS could be used to elevate privileges from Editor to Admin. | A Cross-site scripting (XSS) vulnerability was found in the Unified Alerting feature of Grafana. This stored XSS can elevate privileges from Editor to Admin. |
| Borja Tarraso | 2022-07-20 11:16:29 UTC | Depends On | 2109062, 2109063, 2109064 | |
| Red Hat Bugzilla | 2022-08-12 04:30:47 UTC | CC | amuller | |
| Red Hat Bugzilla | 2023-01-01 05:32:49 UTC | CC | amctagga | |
| Red Hat Bugzilla | 2023-01-01 05:47:16 UTC | CC | flucifre | |
| Red Hat Bugzilla | 2023-01-01 05:52:50 UTC | CC | mhackett | |
| Red Hat Bugzilla | 2023-01-01 06:02:35 UTC | CC | bniver | |
| Red Hat Bugzilla | 2023-01-01 08:35:15 UTC | CC | mbenjamin | |
| Red Hat Bugzilla | 2023-01-01 08:44:28 UTC | CC | sostapov | |
| Red Hat Bugzilla | 2023-01-01 08:49:12 UTC | CC | vereddy | |
| Alasdair Kergon | 2023-01-04 05:43:50 UTC | CC | sostapov | |
| Alasdair Kergon | 2023-01-04 06:11:25 UTC | CC | bniver | |
| Alasdair Kergon | 2023-01-04 06:43:51 UTC | CC | flucifre | |
| Alasdair Kergon | 2023-01-04 06:51:06 UTC | CC | mbenjamin | |
| Alasdair Kergon | 2023-01-04 06:59:12 UTC | CC | vereddy | |
| Alasdair Kergon | 2023-01-04 11:29:24 UTC | CC | mhackett | |
| Red Hat Bugzilla | 2023-02-03 23:11:29 UTC | CC | ovanders | |
| errata-xmlrpc | 2023-06-15 16:00:17 UTC | Link ID | Red Hat Product Errata RHSA-2023:3642 | |
| Red Hat Bugzilla | 2023-07-07 08:33:44 UTC | CC | security-response-team | |
| Assignee | security-response-team | nobody |
Back to bug 2104365