Closed Rebits closed 1 week ago
Regarding https://nvd.nist.gov/vuln/detail/CVE-2023-4822, this vulnerability affects the following grafana packages
Currently, E2E test packages that should include this vulnerability are:
No substantial change is necessary in the test case due to expected nonvulnerable packages (grafana-9.5.13, grafana-9.4.17) are still not vulnerable
CVE-2023-4822 included in d19ab01a36c2f6bcf438c7dc675f5c24a76420be
Currently testing in a local environment. Further information regarding changes will be provided when test is over
LGTM
Description
It has been detected Additional Vulnerability Detection End-to-End that Vulnerability Detector E2E grafana package metadata vulnerabilities do not contain
CVE-2023-4822
. It is necessary to include it for all the affected grafana versions