grafana-selinux

Direct Vulnerabilities

Known vulnerabilities in the grafana-selinux package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS)	*
M Directory Traversal	*
H Access of Uninitialized Pointer	*
M Open Redirect	*
M Improper Output Neutralization for Logs	*
M Cross-site Scripting (XSS)	*
H Allocation of Resources Without Limits or Throttling	*
H Integer Overflow or Wraparound	*
H Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
H Arbitrary Code Injection	*
L Missing Release of Resource after Effective Lifetime	*
L Origin Validation Error	*
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
M Improper Neutralization of Equivalent Special Elements	*
M Cross-site Scripting (XSS)	*
H Improper Validation of Unsafe Equivalence in Input	*
M Improper Validation of Unsafe Equivalence in Input	*
H CVE-2026-33811	*
M Insufficient Granularity of Access Control	*
H Improper Certificate Validation	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Use of a Non-reentrant Function in a Concurrent Context	*
H OS Command Injection	*
M Least Privilege Violation	*
M Authorization Bypass Through User-Controlled Key	*
M Information Exposure	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Inefficient Regular Expression Complexity	*
M Open Redirect	*
H Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
M Origin Validation Error	*
M Out-of-bounds Write	*
H Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
H Multiple Locks of a Critical Resource	<0:9.2.10-30.el8_10
H Arbitrary Argument Injection	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
H Server-Side Request Forgery (SSRF)	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
H Allocation of Resources Without Limits or Throttling	*
H Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
M Insufficient Granularity of Access Control	*
M Comparison Using Wrong Factors	*
M CRLF Injection	*
M HTTP Request Smuggling	*
M Cross-site Scripting (XSS)	*
H Improper Cross-boundary Removal of Sensitive Data	*
M Improper Validation of Unsafe Equivalence in Input	*
L Out-of-bounds Write	*
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
H Allocation of Resources Without Limits or Throttling	<0:9.2.10-30.el8_10
M Off-by-one Error	*
L Insufficient Compartmentalization	*
M Improper Neutralization of Equivalent Special Elements	*
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
L Incorrect Privilege Assignment	*
H Time-of-check Time-of-use (TOCTOU)	<0:9.2.10-30.el8_10
M Allocation of Resources Without Limits or Throttling	*
M Time-of-check Time-of-use (TOCTOU)	*
M Cross-site Scripting (XSS)	*
M Excessive Platform Resource Consumption within a Loop	*
M Allocation of Resources Without Limits or Throttling	*
L Improper Validation of Specified Quantity in Input	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Unchecked Input for Loop Condition	*
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Executable Regular Expression Error	*
M Inefficient Regular Expression Complexity	*
M Cleartext Storage of Sensitive Information	*
M Unchecked Input for Loop Condition	*
M Allocation of Resources Without Limits or Throttling	*
H Improper Validation of Syntactic Correctness of Input	<0:9.2.10-29.el8_10
M NULL Pointer Dereference	*
H CVE-2025-68121	<0:9.2.10-28.el8_10
M Incorrect Behavior Order: Early Validation	*
M Unchecked Input for Loop Condition	*
M Improper Validation of Integrity Check Value	*
M Improper Handling of Highly Compressed Data (Data Amplification)	*
L Time-of-check Time-of-use (TOCTOU)	*
L Server-Side Request Forgery (SSRF)	*
M Cross-site Scripting (XSS)	*
L Server-Side Request Forgery (SSRF)	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Inefficient Regular Expression Complexity	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
H Allocation of Resources Without Limits or Throttling	<0:9.2.10-28.el8_10
H Allocation of Resources Without Limits or Throttling	<0:9.2.10-28.el8_10
M Deserialization of Untrusted Data	*
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Time-of-check Time-of-use (TOCTOU)	*
M Use of a Risky Cryptographic Primitive	*
M Improper Certificate Validation	*
L CVE-2025-58186	*
H Excessive Platform Resource Consumption within a Loop	<0:9.2.10-27.el8_10
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Open Redirect	*
M Reachable Assertion	*
M Creation of Immutable Text Using String Concatenation	*
M Allocation of Resources Without Limits or Throttling	<0:9.2.10-26.el8_10
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Output Neutralization for Logs	*
M Expected Behavior Violation	*
M Expected Behavior Violation	*
H Inefficient Regular Expression Complexity	*
L Inefficient Regular Expression Complexity	*
L Link Following	*
M Time-of-check Time-of-use (TOCTOU)	*
L Open Redirect	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
H Improper Input Validation	*
M CVE-2025-4673	*
L Inefficient Regular Expression Complexity	*
L Improper Input Validation	*
M Origin Validation Error	*
M Exposed Dangerous Method or Function	*
M Inefficient Regular Expression Complexity	*
M Improper Access Control	*
M Improper Certificate Validation	*
H Cross-site Scripting (XSS)	<0:9.2.10-23.el8_10
M Inefficient Regular Expression Complexity	*
L Insufficient Entropy	*
M Incomplete Filtering of Special Elements	*
M Inefficient Regular Expression Complexity	*
M Inefficient Regular Expression Complexity	*
M Inefficient Regular Expression Complexity	*
M HTTP Request Smuggling	<0:9.2.10-25.el8_10
M Improper Input Validation	*
M Cross-site Scripting (XSS)	*
M Arbitrary Code Injection	*
M Server-Side Request Forgery (SSRF)	*
H Allocation of Resources Without Limits or Throttling	<0:9.2.10-21.el8_10
H Arbitrary Argument Injection	<0:9.2.10-21.el8_10
H Cross-site Scripting (XSS)	<0:9.2.10-20.el8_10
M Information Exposure	*
M Cross-site Scripting (XSS)	*
H Improper Verification of Cryptographic Signature	*
L Improper Verification of Cryptographic Signature	*
M Information Exposure	*
L Authorization Bypass Through User-Controlled Key	*
L Information Exposure	*
M Resource Exhaustion	*
M Cross-site Scripting (XSS)	*
M CRLF Injection	*
L Resource Exhaustion	*
L Improper Handling of Exceptional Conditions	*
H Use of Uninitialized Variable	<0:9.2.10-20.el8_10
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Insufficient Compartmentalization	*
M Insufficiently Protected Credentials	*
M Missing Required Cryptographic Step	*
M Improper Verification of Cryptographic Signature	*
M CVE-2022-39201	*
M Incorrect Implementation of Authentication Algorithm	*
M Information Exposure	*
M Insufficiently Protected Credentials	*
M Improper Verification of Cryptographic Signature	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Improper Input Validation	<0:9.2.10-18.el8_10
M Misinterpretation of Input	<0:9.2.10-17.el8_10
M Improper Input Validation	<0:9.2.10-17.el8_10
M Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Resource Exhaustion	*
M External Control of Assumed-Immutable Web Parameter	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Resource Exhaustion	*
M Misinterpretation of Input	*
M Arbitrary Code Injection	*
M Resource Exhaustion	*
M Information Exposure	*
M Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:9.2.10-17.el8_10
M Improper Certificate Validation	*
M Buffer Access with Incorrect Length Value	*
M Authentication Bypass	*
M Information Exposure	*
M Improper Input Validation	*
H Memory Leak	<0:9.2.10-16.el8_10
H Authorization Bypass Through User-Controlled Key	<0:9.2.10-16.el8_10

Vulnerability

Vulnerable Version

Cross-site Scripting (XSS)