/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CGA-4xv5-8vr9-w28r

Published

Last updated

https://images.chainguard.dev/security/CGA-4xv5-8vr9-w28r
Package

grafana-7

Repository

Chainguard

Latest Update
Not affected
Aliases
  • CVE-2021-36156
  • GHSA-grj5-8x6q-hc9q

Severity

5.3

Medium

CVSS V3

References

  • https://nvd.nist.gov/vuln/detail/CVE-2021-36156
  • https://github.com/advisories/GHSA-grj5-8x6q-hc9q

Updates

Status

Not affected

Justification

Vulnerable code not present

Impact

The vulnerability affects the Grafana Loki server, not the library. Loki is imported as a library. The golang vulnerability database reports a false-positive: https://github.com/golang/vulndb/blob/47864735862dde2f809a19e4f6ffc1de8d6f3703/data/excluded/GO-2022-0926.yaml

Safe Source for Open Source™
Contact us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSGolden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsChainguard CoursesDocumentationTrust Center

Company

About UsBlogPartnersNewsroomCareersLegal