VDB
GO-2022-0305
GO-2022-0305
PUBLISHED
Instance config inline secret exposure in Grafana in github.com/grafana/agent
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| github.com | grafana/agent | 0.14.0, 0.14.0 |
Timeline
- Aug 21, 2024 CVE Published
- Mar 3, 2026 CVE Updated
- May 1, 2026 Security Advisory
References
- https://github.com/grafana/agent/security/advisories/GHSA-9c4x-5hgq-q3wh advisory
- https://nvd.nist.gov/vuln/detail/CVE-2021-41090 advisory
- https://security.netapp.com/advisory/ntap-20211229-0004 url
- https://github.com/grafana/agent/pull/1152 fix
- https://github.com/grafana/agent/commit/a5479755e946e5c7cddb793ee9adda8f5692ba11 fix
- https://github.com/grafana/agent/commit/af7fb01e31fe2d389e5f1c36b399ddc46b412b21 fix
- https://github.com/grafana/agent/releases/tag/v0.20.1 fix
- https://github.com/grafana/agent/releases/tag/v0.21.2 fix