Grafana 8.3.1, 8.2.7, 8.1.8, and 8.0.7 released with high severity security fix
Blog post from Grafana Labs
Grafana released versions 8.3.1, 8.2.7, 8.1.8, and 8.0.7 to address a high severity security vulnerability, CVE-2021-43798: a directory traversal issue that allows access to local files and affects Grafana versions from 8.0.0-beta1 through 8.3.0. Grafana Cloud is not impacted, due to its defense-in-depth approach. Users of affected versions should upgrade immediately or use a reverse proxy to mitigate the risk. According to the timeline in the announcement, the vulnerability was leaked to the public, which turned it into a zero-day, and Grafana responded rapidly by releasing the security fix. Grafana has emphasized the importance of reporting security issues to its dedicated email address and provides regular security updates on its blog.
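
The check below is an added example, not code from Grafana Labs. It decides whether an installed version is affected and which of the four fixed releases it should move to, because a plain range comparison from 8.0.0-beta1 to 8.3.0 would wrongly flag the back-ported fixes 8.0.7, 8.1.8 and 8.2.7. The inventory, the host names and the ordering of pre-release tags are assumptions.

```python
import re

# Fixed patch level per affected 8.x minor line, taken from the announcement.
FIXED = {(8, 0): 7, (8, 1): 8, (8, 2): 7, (8, 3): 1}
VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.-]+))?(?:\+\S*)?$")


def parse(version):
    """Split a version string into (major, minor, patch, prerelease-or-None)."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3)), m.group(4)


def pre_key(pre):
    """Order pre-release tags by name then number, e.g. alpha1 < beta1 < beta3.
    Assumption: a tag that cannot be parsed is treated as affected."""
    m = re.match(r"([a-z]+)\.?(\d+)?", pre.lower())
    return (m.group(1), int(m.group(2) or 0)) if m else ("zzz", 0)


def is_affected(version):
    """True if the version lies in 8.0.0-beta1 .. 8.3.0 and predates its line's fix."""
    major, minor, patch, pre = parse(version)
    fixed_patch = FIXED.get((major, minor))
    if fixed_patch is None or patch >= fixed_patch:
        return False  # other release line, or already at the fixed patch level
    if (minor, patch) == (0, 0) and pre is not None:
        return pre_key(pre) >= ("beta", 1)  # lower bound of the stated range
    return True


def fixed_release(version):
    """Return the fixed release on the same minor line, or None if not affected."""
    major, minor, _, _ = parse(version)
    return f"{major}.{minor}.{FIXED[(major, minor)]}" if is_affected(version) else None


def triage(inventory):
    """Map each affected host to the release it should be upgraded to."""
    return {h: fixed_release(v) for h, v in inventory.items() if is_affected(v)}


# Constructed inventory for illustration; host names are hypothetical.
INVENTORY = {"graf-a": "8.2.6", "graf-b": "8.2.7", "graf-c": "v8.0.0-beta1",
             "graf-d": "7.5.11", "graf-e": "8.3.0"}

if __name__ == "__main__":
    for host, target in sorted(triage(INVENTORY).items()):
        print(f"{host}: running {INVENTORY[host]}, upgrade to {target}")
```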