| Max CVSS | 6.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-5093 | 6.8 |
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object.
|
07-10-2013 - 20:25 | 27-09-2013 - 10:08 | |
| CVE-2013-5943 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
07-10-2013 - 20:17 | 27-09-2013 - 10:08 | |
| CVE-2013-5942 | 6.8 |
Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to (1) remote_storage.py, (2) storage.py, (3) render/datalib.py, and (4) whitelist/
|
07-10-2013 - 20:17 | 27-09-2013 - 10:08 |