Lucene search
GoogleOSV:CVE-2021-36156HistoryAug 03, 2021 - 3:15 p.m.
CVE-2021-36156
2021-08-0315:15:08
Google
osv.dev
13
grafana loki
directory traversal
header value
An issue was discovered in Grafana Loki through 2.2.1. The header value X-Scope-OrgID is used to construct file paths for rules files, and if crafted to conduct directory traversal such as ae …/…/sensitive/path/in/deployment pathname, then Loki will attempt to parse a rules file at that location and include some of the contents in the error message.
Related
archlinux
archlinux
[ASA-202108-12] loki: directory traversal
2021-08-10 00:00:00
github
github
Path traversal in Grafana Loki
2021-09-02 22:00:40
osv
osv
CGA-4xv5-8vr9-w28r
2024-06-06 12:23:51
Path traversal in Grafana Loki
2021-09-02 22:00:40
veracode
veracode
Directory Traversal
2021-08-04 09:34:24
prion
prion
Directory traversal
2021-08-03 15:15:00
redhatcve
redhatcve
CVE-2021-36156
2023-03-30 13:43:43
cvelist
cvelist
CVE-2021-36156
2021-08-03 14:12:11
nvd
nvd
CVE-2021-36156
2021-08-03 15:15:08
cve
cve
CVE-2021-36156
2021-08-03 15:15:08