Homepage

grafana-postgres

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the grafana-postgres package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • H
Arbitrary Code Injection

*
  • L
Missing Release of Resource after Effective Lifetime

*
  • L
Origin Validation Error

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • H
Inefficient Regular Expression Complexity

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • H
Authentication Bypass

*
  • H
Information Exposure

*
  • H
Information Exposure

*
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • M
Improper Neutralization of Equivalent Special Elements

*
  • M
Cross-site Scripting (XSS)

*
  • H
Improper Validation of Unsafe Equivalence in Input

*
  • M
Improper Validation of Unsafe Equivalence in Input

*
  • H
Release of Invalid Pointer or Reference

*
  • H
CVE-2026-33811

*
  • M
Insufficient Granularity of Access Control

*
  • H
Improper Certificate Validation

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Use of a Non-reentrant Function in a Concurrent Context

*
  • H
OS Command Injection

*
  • M
Least Privilege Violation

*
  • M
Authorization Bypass Through User-Controlled Key

*
  • M
Open Redirect

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • M
Origin Validation Error

*
  • M
Out-of-bounds Write

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • H
Multiple Locks of a Critical Resource

*
  • H
Arbitrary Argument Injection

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
Server-Side Request Forgery (SSRF)

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • H
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • M
Insufficient Granularity of Access Control

*
  • M
Comparison Using Wrong Factors

*
  • M
CRLF Injection

*
  • M
HTTP Request Smuggling

*
  • M
Cross-site Scripting (XSS)

*
  • H
Improper Cross-boundary Removal of Sensitive Data

*
  • L
Out-of-bounds Write

*
  • M
Improper Validation of Unsafe Equivalence in Input

*
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • M
Off-by-one Error

*
  • L
Insufficient Compartmentalization

*
  • M
Improper Neutralization of Equivalent Special Elements

*
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • L
Incorrect Privilege Assignment

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Excessive Platform Resource Consumption within a Loop

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • L
Improper Validation of Specified Quantity in Input

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Unchecked Input for Loop Condition

*
  • M
Improperly Controlled Modification of Dynamically-Determined Object Attributes

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Executable Regular Expression Error

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Cleartext Storage of Sensitive Information

*
  • M
Unchecked Input for Loop Condition

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
Improper Validation of Syntactic Correctness of Input

*
  • M
NULL Pointer Dereference

*
  • M
Incorrect Behavior Order: Early Validation

*
  • M
Unchecked Input for Loop Condition

*
  • M
Improper Validation of Integrity Check Value

*
  • M
Improper Handling of Highly Compressed Data (Data Amplification)

*
  • L
Time-of-check Time-of-use (TOCTOU)

*
  • L
Server-Side Request Forgery (SSRF)

*
  • M
Cross-site Scripting (XSS)

*
  • L
Server-Side Request Forgery (SSRF)

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Deserialization of Untrusted Data

*
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Use of a Risky Cryptographic Primitive

*
  • M
Improper Certificate Validation

*
  • L
CVE-2025-58186

*
  • H
Excessive Platform Resource Consumption within a Loop

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Reachable Assertion

*
  • M
Creation of Immutable Text Using String Concatenation

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Improper Output Neutralization for Logs

*
  • M
Expected Behavior Violation

*
  • M
Expected Behavior Violation

*
  • L
Inefficient Regular Expression Complexity

*
  • L
Link Following

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • L
Open Redirect

*
  • H
Improper Input Validation

*
  • M
CVE-2025-4673

*
  • L
Inefficient Regular Expression Complexity

*
  • L
Improper Input Validation

*
  • M
Origin Validation Error

*
  • M
Exposed Dangerous Method or Function

*
  • M
Improper Access Control

*
  • M
Incomplete Filtering of Special Elements

*
  • M
Improper Input Validation

*
  • M
Arbitrary Code Injection

*
  • M
Server-Side Request Forgery (SSRF)

*
  • M
Information Exposure

*
  • M
Cross-site Scripting (XSS)

*
  • H
Improper Verification of Cryptographic Signature

*
  • L
Improper Verification of Cryptographic Signature

*
  • M
Information Exposure

*
  • L
Authorization Bypass Through User-Controlled Key

*
  • L
Information Exposure

*
  • M
Resource Exhaustion

*
  • M
Cross-site Scripting (XSS)

*
  • M
CRLF Injection

*
  • L
Improper Handling of Exceptional Conditions

*
  • M
Use of Uninitialized Variable

*
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Insufficient Compartmentalization

*
  • M
Insufficiently Protected Credentials

*
  • M
Missing Required Cryptographic Step

*
  • M
Improper Verification of Cryptographic Signature

*
  • M
Improper Input Validation

*
  • M
Authentication Bypass

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Misinterpretation of Input

*
  • M
Improper Input Validation

*
  • M
Arbitrary Code Injection

*
  • M
Improper Certificate Validation

*
  • M
Information Exposure

*
  • M
Information Exposure

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Buffer Access with Incorrect Length Value

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Inefficient Regular Expression Complexity

*
  • M
Resource Exhaustion

*
  • M
Information Exposure

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Resource Exhaustion

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Resource Exhaustion

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
External Control of Assumed-Immutable Web Parameter

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Incorrect Implementation of Authentication Algorithm

*
  • M
Information Exposure

*
  • M
Inefficient Regular Expression Complexity

*
  • M
CVE-2022-39201

*
  • M
Insufficiently Protected Credentials

*
  • M
Improper Verification of Cryptographic Signature

*
  • M
Authentication Bypass

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Inefficient Regular Expression Complexity

*
  • L
Resource Exhaustion

*
  • L
Directory Traversal

*
  • M
Open Redirect

*
  • L
Insufficient Entropy

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Arbitrary Argument Injection

<0:6.7.4-3.el8
  • M
Cross-site Scripting (XSS)

<0:6.7.4-3.el8
  • M
Cross-site Scripting (XSS)

<0:6.7.4-3.el8
  • M
Incorrect Permission Assignment for Critical Resource

<0:6.7.4-3.el8
  • M
Cross-site Scripting (XSS)

<0:6.7.4-3.el8
  • M
Cross-site Scripting (XSS)

<0:6.7.4-3.el8
  • M
Incorrect Permission Assignment for Critical Resource

<0:6.7.4-3.el8
  • M
Cross-site Scripting (XSS)

<0:6.7.4-3.el8
  • H
Server-Side Request Forgery (SSRF)

<0:6.3.6-2.el8_2
  • M
Improper Access Control

<0:6.3.6-1.el8
  • M
Improper Certificate Validation

*