x/vulndb: potential Go vuln in github.com/grafana/grafana: GHSA-3hv4-r2fm-h27f

In GitHub Security Advisory GHSA-3hv4-r2fm-h27f, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/grafana/grafana	10.3.3	>= 10.3.0, < 10.3.3	github.com/grafana/grafana	10.2.4	>= 10.2.0, < 10.2.4	github.com/grafana/grafana	10.1.7	>= 10.1.0, < 10.1.7	github.com/grafana/grafana	10.0.11	>= 10.0.0, < 10.0.11	github.com/grafana/grafana	9.5.16	>= 2.5.0, < 9.5.16

Cross references:

Module github.com/grafana/grafana appears in issue #259 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #275 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #276 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #277 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #296 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #311 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #312 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #313 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #342 NOT_IMPORTABLE
Module github.com/grafana/grafana appears in issue #707 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #753 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #773 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #934 NOT_IMPORTABLE
Module github.com/grafana/grafana appears in issue #1599 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #1603 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #1604 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #1673 NOT_A_VULNERABILITY
Module github.com/grafana/grafana appears in issue #1674 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #1680 NOT_GO_CODE
Module github.com/grafana/grafana appears in issue #1843 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #1844 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #1856 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #1875 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #1964 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #2120 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #2483 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #2510 NOT_IMPORTABLE
Module github.com/grafana/grafana appears in issue #2513 EFFECTIVELY_PRIVATE
Module github.com/grafana/grafana appears in issue #2515 NOT_IMPORTABLE
Module github.com/grafana/grafana appears in issue #2516 NOT_IMPORTABLE
Module github.com/grafana/grafana appears in issue #2517 NOT_IMPORTABLE
Module github.com/grafana/grafana appears in issue #2520 NOT_IMPORTABLE

See doc/triage.md for instructions on how to triage this report.

modules:
    - module: github.com/grafana/grafana
      versions:
        - introduced: 10.3.0
          fixed: 10.3.3
      packages:
        - package: github.com/grafana/grafana
    - module: github.com/grafana/grafana
      versions:
        - introduced: 10.2.0
          fixed: 10.2.4
      packages:
        - package: github.com/grafana/grafana
    - module: github.com/grafana/grafana
      versions:
        - introduced: 10.1.0
          fixed: 10.1.7
      packages:
        - package: github.com/grafana/grafana
    - module: github.com/grafana/grafana
      versions:
        - introduced: 10.0.0
          fixed: 10.0.11
      packages:
        - package: github.com/grafana/grafana
    - module: github.com/grafana/grafana
      versions:
        - introduced: 2.5.0
          fixed: 9.5.16
      packages:
        - package: github.com/grafana/grafana
summary: Email Validation Bypass And Preventing Sign Up From Email's Owner
cves:
    - CVE-2023-6152
ghsas:
    - GHSA-3hv4-r2fm-h27f
references:
    - advisory: https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f
    - advisory: https://github.com/advisories/GHSA-3hv4-r2fm-h27f

golang / vulndb

x/vulndb: potential Go vuln in github.com/grafana/grafana: GHSA-3hv4-r2fm-h27f #2551