EPSS
Percentile
34.8%
github.com/grafana/loki is vulnerable to directory traversal. An attacker is able to input malicious rules files with a pathname in the header value X-Scope-OrgID that will expose the location and contents at that location.
github.com/grafana/loki/pull/4020#issue-694377133
github.com/grafana/loki/releases/tag/v2.3.0
grafana.com/docs/grafana/latest/release-notes/