OSV:GHSA-GRJ5-8X6Q-HC9Q
Sep 02, 2021 - 10:00 p.m.

Path traversal in Grafana Loki

2021-09-02 22:00:40
Google
osv.dev
grafana loki
path traversal
directory traversal
security
vulnerability
rules files

EPSS

0.001

Percentile

34.8%

An issue was discovered in Grafana Loki through 2.2.1. The header value X-Scope-OrgID is used to construct file paths for rules files. If the value is crafted to conduct directory traversal, such as a ../../sensitive/path/in/deployment pathname, then Loki will attempt to parse a rules file at that location and include some of the contents in the error message.
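The path handling described above, shown as an added example that is not Loki's own code: a header value joined directly into a rules path, next to a version that validates the tenant ID and checks that the result stays under the rules directory. The names `rulesRoot`, `tenantIDPattern`, `naiveRulesPath` and `safeRulesPath`, the `rules.yaml` file name and the allowlist itself are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"regexp"
	"strings"
)

// rulesRoot is a hypothetical base directory for per-tenant rules files.
const rulesRoot = "/data/rules"

// tenantIDPattern is an assumed allowlist: no path separators, no dots.
var tenantIDPattern = regexp.MustCompile(`^[A-Za-z0-9_-]{1,64}$`)

// ErrInvalidTenant is deliberately generic so no file contents or
// resolved paths are echoed back to the caller.
var ErrInvalidTenant = errors.New("invalid tenant ID")

// naiveRulesPath joins the header value straight into the path, which is
// the pattern the advisory describes. filepath.Join cleans ".." segments,
// so the result can resolve outside rulesRoot.
func naiveRulesPath(orgID string) string {
	return filepath.Join(rulesRoot, orgID, "rules.yaml")
}

// safeRulesPath validates the tenant ID first, then confirms as a second
// layer that the joined path is still contained in rulesRoot.
func safeRulesPath(orgID string) (string, error) {
	if !tenantIDPattern.MatchString(orgID) {
		return "", ErrInvalidTenant
	}
	p := filepath.Join(rulesRoot, orgID, "rules.yaml")
	rel, err := filepath.Rel(rulesRoot, p)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrInvalidTenant
	}
	return p, nil
}

func main() {
	// Constructed inputs: one ordinary tenant ID and the advisory's example value.
	for _, id := range []string{"tenant-a", "../../sensitive/path/in/deployment"} {
		p, err := safeRulesPath(id)
		fmt.Printf("id=%q naive=%q safe=%q err=%v\n", id, naiveRulesPath(id), p, err)
	}
}
```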
