prometheus-operator-fips

Direct Vulnerabilities

Known vulnerabilities in the prometheus-operator-fips package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
L GHSA-cqrx-3m42-5p5w	<0.90.1-r1
H Access of Resource Using Incompatible Type ('Type Confusion')	<0.90.1-r1
L GHSA-5w89-2c2x-6x66	<0.90.1-r1
H Improper Certificate Validation	<0.90.1-r1
L GHSA-7mr4-xjxg-34g6	<0.90.1-r1
H Allocation of Resources Without Limits or Throttling	<0.90.1-r1
L GHSA-jrg3-gfjw-hm96	<0.90.1-r1
H Incorrect Authorization	<0.90.1-r1
L GHSA-m4pr-4j3g-9v7v	<0.90.1-r1
C CVE-2026-27143	<0.90.1-r1
M Cross-site Scripting (XSS)	<0.90.1-r1
L GHSA-gjvh-7jh8-7xhm	<0.90.1-r1
L CVE-2026-32280	<0.90.1-r1
L GHSA-cfp9-33rc-j74f	<0.90.1-r1
L Directory Traversal	<0.89.0-r3
L Direct Request ('Forced Browsing')	<0.89.0-r3
L Cross-site Scripting (XSS)	<0.89.0-r3
L GHSA-rv83-g57w-fr8j	<0.89.0-r3
L GHSA-j3gx-2473-5fp8	<0.89.0-r3
L GHSA-j4j7-vw47-rhfq	<0.89.0-r3
L GHSA-6v2p-p543-phr9	<0.81.0-r1
L GHSA-hcg3-q754-cr77	<0.81.0-r1
L Improper Certificate Validation	<0.87.0-r2
L GHSA-7c64-f9jr-v9h2	<0.87.0-r2
L CVE-2025-4673	<0.83.0-r1
L CVE-2025-22874	<0.83.0-r1
L CVE-2025-22872	<0.82.0-r0
M Open Redirect	<0.81.0-r1
L CVE-2025-22869	<0.81.0-r1
L CVE-2025-22868	<0.81.0-r1
L CVE-2025-22866	<0.80.0-r1
L CVE-2024-45336	<0.79.2-r2
L CVE-2024-45341	<0.79.2-r2
L CVE-2024-45337	<0.78.2-r1
L CVE-2024-45338	<0.79.2-r1
M Race Condition	<0.74.0-r3
C CVE-2024-24790	<0.74.0-r2
M CVE-2024-24789	<0.74.0-r2
L CVE-2023-45288	<0.73.1-r1
L CVE-2024-24786	<0.71.2-r2
L CVE-2023-45289	<0.71.2-r1
L CVE-2024-24783	<0.71.2-r1
L CVE-2024-24785	<0.71.2-r1
L CVE-2024-24784	<0.71.2-r1
L CVE-2023-45290	<0.71.2-r1