How severe is CVE-2022-39328?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2022-39328?

This is classified as CWE-362, which is a common weakness in software security.

CVE-2022-39328

HIGH Year: 2022

CVSS v3 Score

8.1

High

Weakness Type

CWE-362

View all →

Vulnerability Description

Grafana is an open-source platform for monitoring and observability. Versions starting with 9.2.0 and less than 9.2.4 contain a race condition in the authentication middlewares logic which may allow an unauthenticated user to query an administration endpoint under heavy load. This issue is patched in 9.2.4. There are no known workarounds.

CVE-2005-2352

HIGH

CVSS:8.1(High)

I race condition in Temp files was found in gs-gpl before 8.56 addons scripts.

CWE-3622005

CVE-2006-4245

HIGH

CVSS:8.1(High)

archivemail 0.6.2 uses temporary files insecurely leading to a possible race condition.

CWE-3622006

CVE-2009-4011

HIGH

CVSS:8.1(High)

dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get a bash access as xenXX user on the dom0, and then access a potentially reuse an already opened VPS cons...

CWE-3622009

CVE-2014-3701

HIGH

CVSS:8.1(High)

eDeploy has tmp file race condition flaws

CWE-3622014

CVE-2014-9748

HIGH

CVSS:8.1(High)

The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to caus...

CWE-3622014

CVE-2015-1340

HIGH

CVSS:8.1(High)

LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer() has an unsafe Chmod() call that races against the stat in the Filepath.Walk() function. A symbolic link created in that window could cause an...

CWE-3622015

CVE-2022-39328

Vulnerability Description

Related Vulnerabilities

CVE-2005-2352

CVE-2006-4245

CVE-2009-4011

CVE-2014-3701

CVE-2014-9748

CVE-2015-1340