CVE-2024-5526

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-5526
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-5526.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-5526
Published
2024-06-05T12:15:10Z
Modified
2025-01-14T12:17:46.325011Z
Severity
  • 9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
[none]
Details

Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call management through simpler workflows and interfaces that are tailored specifically for engineers.

Grafana OnCall versions from 1.1.37 up to, but not including, 1.5.2 are vulnerable to Server-Side Request Forgery (SSRF) in the webhook functionality.

This issue was fixed in version 1.5.2.

References

Affected packages

Git / github.com/grafana/oncall

Affected ranges

Type
GIT
Repo
https://github.com/grafana/oncall
Events

Affected versions

oncall-1.*

oncall-1.1.37
oncall-1.1.38
oncall-1.1.39
oncall-1.1.40
oncall-1.1.41
oncall-1.2.1
oncall-1.2.10
oncall-1.2.11
oncall-1.2.12
oncall-1.2.13
oncall-1.2.14
oncall-1.2.15
oncall-1.2.16
oncall-1.2.17
oncall-1.2.19
oncall-1.2.2
oncall-1.2.21
oncall-1.2.22
oncall-1.2.23
oncall-1.2.24
oncall-1.2.26
oncall-1.2.27
oncall-1.2.28
oncall-1.2.3
oncall-1.2.30
oncall-1.2.31
oncall-1.2.32
oncall-1.2.33
oncall-1.2.34
oncall-1.2.35
oncall-1.2.36
oncall-1.2.4
oncall-1.2.40
oncall-1.2.41
oncall-1.2.42
oncall-1.2.44
oncall-1.2.46
oncall-1.2.5
oncall-1.2.6
oncall-1.2.7
oncall-1.2.8
oncall-1.2.9
oncall-1.3.0
oncall-1.3.1
oncall-1.3.10
oncall-1.3.100
oncall-1.3.101
oncall-1.3.102
oncall-1.3.104
oncall-1.3.105
oncall-1.3.106
oncall-1.3.108
oncall-1.3.109
oncall-1.3.11
oncall-1.3.110
oncall-1.3.111
oncall-1.3.112
oncall-1.3.113
oncall-1.3.114
oncall-1.3.115
oncall-1.3.116
oncall-1.3.117
oncall-1.3.118
oncall-1.3.12
oncall-1.3.13
oncall-1.3.14
oncall-1.3.15
oncall-1.3.17
oncall-1.3.18
oncall-1.3.19
oncall-1.3.2
oncall-1.3.20
oncall-1.3.21
oncall-1.3.22
oncall-1.3.23
oncall-1.3.24
oncall-1.3.25
oncall-1.3.26
oncall-1.3.27
oncall-1.3.28
oncall-1.3.29
oncall-1.3.3
oncall-1.3.30
oncall-1.3.31
oncall-1.3.32
oncall-1.3.33
oncall-1.3.34
oncall-1.3.35
oncall-1.3.37
oncall-1.3.38
oncall-1.3.39
oncall-1.3.4
oncall-1.3.41
oncall-1.3.42
oncall-1.3.43
oncall-1.3.45
oncall-1.3.5
oncall-1.3.59
oncall-1.3.6
oncall-1.3.60
oncall-1.3.61
oncall-1.3.62
oncall-1.3.63
oncall-1.3.64
oncall-1.3.7
oncall-1.3.75
oncall-1.3.76
oncall-1.3.77
oncall-1.3.78
oncall-1.3.79
oncall-1.3.8
oncall-1.3.80
oncall-1.3.81
oncall-1.3.82
oncall-1.3.83
oncall-1.3.84
oncall-1.3.85
oncall-1.3.86
oncall-1.3.9
oncall-1.3.90
oncall-1.3.91
oncall-1.3.92
oncall-1.3.93
oncall-1.3.94
oncall-1.3.95
oncall-1.3.96
oncall-1.3.97
oncall-1.3.98
oncall-1.3.99
oncall-1.4.0
oncall-1.4.1
oncall-1.4.2
oncall-1.4.3
oncall-1.4.4
oncall-1.4.5
oncall-1.4.6
oncall-1.4.7
oncall-1.5.0
oncall-1.5.1

v1.*

v1.1.38
v1.1.39
v1.1.40
v1.1.41
v1.2.0
v1.2.1
v1.2.10
v1.2.11
v1.2.12
v1.2.13
v1.2.14
v1.2.15
v1.2.16
v1.2.17
v1.2.18
v1.2.2
v1.2.21
v1.2.22
v1.2.23
v1.2.24
v1.2.25
v1.2.26
v1.2.27
v1.2.29
v1.2.3
v1.2.30
v1.2.32
v1.2.33
v1.2.34
v1.2.35
v1.2.36
v1.2.37
v1.2.38
v1.2.39
v1.2.4
v1.2.40
v1.2.41
v1.2.42
v1.2.43
v1.2.44
v1.2.45
v1.2.46
v1.2.5
v1.2.6
v1.2.7
v1.2.8
v1.2.9
v1.3.0
v1.3.1
v1.3.10
v1.3.100
v1.3.101
v1.3.102
v1.3.103
v1.3.104
v1.3.105
v1.3.106
v1.3.107
v1.3.108
v1.3.109
v1.3.11
v1.3.110
v1.3.111
v1.3.112
v1.3.113
v1.3.114
v1.3.115
v1.3.116
v1.3.117
v1.3.118
v1.3.12
v1.3.13
v1.3.14
v1.3.15
v1.3.16
v1.3.17
v1.3.18
v1.3.2
v1.3.20
v1.3.21
v1.3.22
v1.3.23
v1.3.24
v1.3.25
v1.3.26
v1.3.27
v1.3.28
v1.3.29
v1.3.3
v1.3.30
v1.3.31
v1.3.32
v1.3.33
v1.3.34
v1.3.35
v1.3.36
v1.3.37
v1.3.38
v1.3.39
v1.3.4
v1.3.40
v1.3.41
v1.3.42
v1.3.43
v1.3.44
v1.3.45
v1.3.46
v1.3.47
v1.3.48
v1.3.49
v1.3.5
v1.3.50
v1.3.51
v1.3.52
v1.3.53
v1.3.54
v1.3.55
v1.3.56
v1.3.57
v1.3.58
v1.3.59
v1.3.6
v1.3.60
v1.3.61
v1.3.62
v1.3.63
v1.3.64
v1.3.65
v1.3.66
v1.3.67
v1.3.68
v1.3.69
v1.3.7
v1.3.70
v1.3.71
v1.3.72
v1.3.73
v1.3.74
v1.3.75
v1.3.76
v1.3.77
v1.3.78
v1.3.79
v1.3.8
v1.3.80
v1.3.81
v1.3.82
v1.3.83
v1.3.84
v1.3.86
v1.3.87
v1.3.88
v1.3.89
v1.3.9
v1.3.90
v1.3.91
v1.3.92
v1.3.95
v1.3.96
v1.3.97
v1.3.98
v1.3.99
v1.4.0
v1.4.1
v1.4.2
v1.4.3
v1.4.4
v1.4.5
v1.4.6
v1.4.7
v1.5.0
v1.5.1
v1.x.x