The snapshot feature in Grafana before 7.4.2 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set.
github.com/grafana/grafana/pkg/middleware
{ "nvd_published_at": "2021-03-18T20:15:00Z", "cwe_ids": [ "CWE-306", "CWE-400" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2021-05-14T17:47:34Z" }