RHSA-2022:0002: Important: grafana security update
Published Jan 3, 2022
·Updated
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fix(es): golang: net/http: limit growth of header canonicalization cache (CVE-2021-44716) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Software
8 affected componentsFixes available
redhat/grafana<7.3.6-4.el8_4
7.3.6-4.el8_4
redhat/grafana<7.3.6-4.el8_4
7.3.6-4.el8_4
redhat/grafana-debuginfo<7.3.6-4.el8_4
7.3.6-4.el8_4
redhat/grafana-debuginfo<7.3.6-4.el8_4
7.3.6-4.el8_4
redhat/grafana<7.3.6-4.el8_4
7.3.6-4.el8_4
redhat/grafana-debuginfo<7.3.6-4.el8_4
7.3.6-4.el8_4
redhat/grafana<7.3.6-4.el8_4.aa
7.3.6-4.el8_4.aa
redhat/grafana-debuginfo<7.3.6-4.el8_4.aa
7.3.6-4.el8_4.aa
Remediation
Event History
Feb 5, 2026
Advisory Published
via Red Hat·04:55 PM
Data Sourced
via Red Hat·04:55 PM
RemedyDescriptionAffected Software
Frequently Asked Questions
1
What is the severity of RHSA-2022:0002?
The severity of RHSA-2022:0002 is classified as important.
2
How do I fix RHSA-2022:0002?
To fix RHSA-2022:0002, upgrade Grafana to version 7.3.6-4.el8_4.
3
Which versions of Grafana are affected by RHSA-2022:0002?
Grafana versions earlier than 7.3.6-4.el8_4 are affected by RHSA-2022:0002.
4
What components are affected by RHSA-2022:0002?
RHSA-2022:0002 affects the Grafana and Grafana-debuginfo packages.
5
Does RHSA-2022:0002 cover multiple architectures?
Yes, RHSA-2022:0002 covers multiple architectures including x86_64 and ppc64le.