wazuh-dashboard-fips

Direct Vulnerabilities

Known vulnerabilities in the wazuh-dashboard-fips package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L GHSA-83g3-92jg-28cx	<4.14.5-r0
L GHSA-qffp-2rhf-9h96	<4.14.5-r0
H Directory Traversal	<4.14.5-r0
L GHSA-r6q2-hw4h-h46w	<4.14.5-r0
L GHSA-34x7-hfp2-rc4v	<4.14.5-r0
M Improper Handling of Unicode Encoding	<4.14.5-r0
M Directory Traversal	<4.14.5-r0
L GHSA-8qq5-rm4j-mr97	<4.14.5-r0
L Directory Traversal	<4.14.5-r0
M Directory Traversal	<4.14.5-r0
L GHSA-hm8q-7f3q-5f36	<4.14.4-r3
L GHSA-v39h-62p7-jpjc	<4.14.4-r3
H Use of Uninitialized Resource	<4.14.4-r3
L CVE-2026-46625	<4.14.4-r3
L Information Exposure Through Caching	<4.14.4-r3
L Arbitrary Code Injection	<4.14.4-r3
L Improper Validation of Specified Quantity in Input	<4.14.4-r3
M Arbitrary Code Injection	<4.14.4-r3
L CVE-2026-6322	<4.14.4-r3
L Resource Exhaustion	<4.14.4-r3
L GHSA-v2v4-37r5-5v8g	<4.14.4-r3
M Cross-site Scripting (XSS)	<4.14.4-r3
L GHSA-58qx-3vcg-4xpx	<4.14.4-r3
L GHSA-69xw-7hcm-h432	<4.14.4-r3
L GHSA-qjx8-664m-686j	<4.14.4-r3
L GHSA-9vqf-7f2p-gf9v	<4.14.4-r3
L GHSA-qp7p-654g-cw7p	<4.14.4-r3
L GHSA-p77w-8qqv-26rm	<4.14.4-r3
L GHSA-qj8w-gfj5-8c6v	<4.14.4-r2
H Resource Exhaustion	<4.14.4-r2
L GHSA-q3j6-qgpj-74h6	<4.14.4-r2
L CVE-2026-6321	<4.14.4-r2
H Out-of-bounds Write	<4.14.4-r2
L CVE-2026-5758	<4.14.4-r2
L Cross-site Scripting (XSS)	<4.14.4-r2
L GHSA-crv5-9vww-q3g8	<4.14.4-r2
L GHSA-h7mw-gpvr-xq4m	<4.14.4-r2
L GHSA-39q2-94rc-95cp	<4.14.4-r2
L GHSA-v9jr-rg53-9pgp	<4.14.4-r2
M Cross-site Scripting (XSS)	<4.14.4-r2
L GHSA-j452-xhg8-qg39	<4.14.4-r2
L GHSA-w5hq-g745-h8pq	<4.14.4-r2
L Cross-site Scripting (XSS)	<4.14.4-r2
L Permissive Whitelist	<4.14.4-r1
L GHSA-xx6v-rp6x-q39c	<4.14.4-r1
H Uncontrolled Recursion	<4.14.4-r1
L CRLF Injection	<4.14.4-r1
L Allocation of Resources Without Limits or Throttling	<4.14.4-r1
L GHSA-445q-vr5w-6q77	<4.14.4-r1
L HTTP Response Splitting	<4.14.4-r1
L GHSA-pmwg-cvhr-8vh7	<4.14.4-r1
M Improper Authentication	<4.14.4-r1
H Server-Side Request Forgery (SSRF)	<4.14.4-r1
C Permissive Whitelist	<4.14.4-r1
L GHSA-6chq-wfr3-2hj9	<4.14.4-r1
L GHSA-m7pr-hjqh-92cm	<4.14.4-r1
L GHSA-vf2m-468p-8v99	<4.14.4-r1
L GHSA-xhjh-pmcv-23jw	<4.14.4-r1
L Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<4.14.4-r1
L GHSA-w9j2-pvgh-6h63	<4.14.4-r1
L Improper Encoding or Escaping of Output	<4.14.4-r1
L GHSA-62hf-57xw-28j9	<4.14.4-r1
L Allocation of Resources Without Limits or Throttling	<4.14.4-r1
L GHSA-pf86-5x62-jrwf	<4.14.4-r1
L GHSA-5c9x-8gcm-mpgx	<4.14.4-r1

Vulnerability

Vulnerable Version

GHSA-83g3-92jg-28cx

<4.14.5-r0