Affected by GO-2024-2513
and 24 other vulnerabilities
GO-2024-2513: Grafana information disclosure in github.com/grafana/grafana
GO-2024-2515: Grafana XSS via the OpenTSDB datasource in github.com/grafana/grafana
GO-2024-2516: Grafana XSS via a column style in github.com/grafana/grafana
GO-2024-2517: Grafana XSS in header column rename in github.com/grafana/grafana
GO-2024-2519: Grafana world readable configuration files in github.com/grafana/grafana
GO-2024-2520: Grafana XSS via a query alias for the ElasticSearch datasource in github.com/grafana/grafana
GO-2024-2523: Grafana stored XSS in github.com/grafana/grafana
GO-2024-2629: Grafana's users with permissions to create a data source can CRUD all data sources in github.com/grafana/grafana
GO-2024-2661: Arbitrary file read in github.com/grafana/grafana
GO-2024-2697: Grafana: Users outside an organization can delete a snapshot with its key in github.com/grafana/grafana
GO-2024-2843: Grafana Email addresses and usernames can not be trusted in github.com/grafana/grafana
GO-2024-2844: Grafana User enumeration via forget password in github.com/grafana/grafana
GO-2024-2847: Grafana Escalation from admin to server admin when auth proxy is used in github.com/grafana/grafana
GO-2024-2848: Grafana when using email as a username can block other users from signing in in github.com/grafana/grafana
GO-2024-2851: Grafana Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins in github.com/grafana/grafana
GO-2024-2852: Grafana account takeover via OAuth vulnerability in github.com/grafana/grafana
GO-2024-2854: Grafana folders admin only permission privilege escalation in github.com/grafana/grafana
GO-2024-2855: Grafana Plugin signature bypass in github.com/grafana/grafana
GO-2024-2856: Grafana Race condition allowing privilege escalation in github.com/grafana/grafana
GO-2024-2857: Grafana Stored Cross-site Scripting in Unified Alerting in github.com/grafana/grafana
GO-2024-2858: Grafana Data source and plugin proxy endpoints could leak the authentication cookie to some destination plugins in github.com/grafana/grafana
GO-2024-2867: Grafana Spoofing originalUrl of snapshots in github.com/grafana/grafana
GO-2024-3079: Grafana plugin data sources vulnerable to access control bypass in github.com/grafana/grafana
GO-2024-3215: Grafana Command Injection And Local File Inclusion Via Sql Expressions in github.com/grafana/grafana
GO-2024-3240: Grafana org admin can delete pending invites in different org in github.com/grafana/grafana
var (
// ErrCacheItemNotFound is returned if cache does not exist ErrCacheItemNotFound = errors.New("cache item not found")
// ErrInvalidCacheType is returned if the type is invalid ErrInvalidCacheType = errors.New("invalid remote cache name")
)
Register records a type, identified by a value for that type, under its
internal type name. That name will identify the concrete type of a value
sent or received as an interface variable. Only types that will be
transferred as implementations of interface values need to be registered.
Expecting to be used only during initialization, it panics if the mapping
between types and names is not a bijection.
type CacheStorage interface {
// Get reads object from Cache Get(key string) (interface{}, error)
// Set sets an object into the cache. if `expire` is set to zero it will default to 24h Set(key string, value interface{}, expire time.Duration) error// Delete object from cache Delete(key string) error
}
CacheStorage allows the caller to set, get and delete items in the cache.
Cached items are stored as byte arrays and marshalled using "encoding/gob"
so any struct added to the cache needs to be registred with `remotecache.Register`
ex `remotecache.Register(CacheableStruct{})“
Affected by 
Documentation
¶
Source Files