Browse all 3 CVE security advisories affecting Graphite. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Graphite serves as a monitoring and metrics visualization tool for time-series data, commonly used for infrastructure and application performance tracking. Historically, it has faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and authentication flaws. While no major public incidents have been widely documented, the three CVEs on record highlight potential risks in its web interface and data handling. Security characteristics include its Python-based architecture and reliance on Whisper database, which may introduce unique attack vectors. Regular updates and secure configuration remain critical for maintaining security in deployments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-4728 | Graphite Web Cookie cross site scripting — WebCWE-707 | 3.5 | Low | 2022-12-24 |
| CVE-2022-4729 | Graphite Web Template Name cross site scripting — WebCWE-707 | 3.5 | Low | 2022-12-24 |
| CVE-2022-4730 | Graphite Web Absolute Time Range cross site scripting — WebCWE-707 | 3.5 | Low | 2022-12-24 |
This page lists every published CVE security advisory associated with Graphite. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.