grafana vulnerabilities

Known vulnerabilities in the grafana package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
H Resource Exhaustion	<0:9.2.10-21.el8_10
H Arbitrary Argument Injection	<0:9.2.10-21.el8_10
H Use of Uninitialized Variable	<0:9.2.10-20.el8_10
H Cross-site Scripting (XSS)	<0:9.2.10-20.el8_10
M CVE-2024-24791	<0:9.2.10-18.el8_10
M CVE-2024-24789	<0:9.2.10-17.el8_10
M CVE-2024-24790	<0:9.2.10-17.el8_10
M CVE-2024-24788	<0:9.2.10-17.el8_10
H CVE-2024-1313	<0:9.2.10-16.el8_10
H Memory Leak	<0:9.2.10-16.el8_10
M Authentication Bypass	<0:9.2.10-7.el8_9
M Allocation of Resources Without Limits or Throttling	<0:7.5.15-5.el8_8
M CVE-2023-44487	<0:7.5.15-5.el8_8
M Improper Authentication	<0:7.5.15-4.el8
M HTTP Request Smuggling	<0:7.5.15-4.el8
M CVE-2022-41715	<0:7.5.15-4.el8
M Authorization Bypass Through User-Controlled Key	<0:7.5.15-3.el8
M Cross-site Scripting (XSS)	<0:7.5.15-3.el8
M Cross-site Scripting (XSS)	<0:7.5.15-3.el8
M CVE-2022-21673	<0:7.5.15-3.el8
M Cross-site Request Forgery (CSRF)	<0:7.5.15-3.el8
M CVE-2022-27664	<0:7.5.15-4.el8
M Uncontrolled Recursion	<0:7.5.15-3.el8
M Uncontrolled Recursion	<0:7.5.15-3.el8
M CVE-2022-32148	<0:7.5.15-3.el8
M Uncontrolled Recursion	<0:7.5.15-3.el8
M Uncontrolled Recursion	<0:7.5.15-3.el8
M HTTP Request Smuggling	<0:7.5.15-3.el8
M Uncontrolled Recursion	<0:7.5.15-3.el8
M Uncontrolled Recursion	<0:7.5.15-3.el8
M Uncontrolled Recursion	<0:7.5.15-3.el8
H Incorrect Authorization	<0:7.5.11-3.el8_6
L Directory Traversal	<0:7.5.11-2.el8
M Allocation of Resources Without Limits or Throttling	<0:7.5.15-3.el8
M Arbitrary Code Injection	<0:7.5.9-4.el8
H Resource Exhaustion	<0:7.5.9-5.el8_5
M CVE-2021-27358	<0:7.5.9-4.el8
M Missing Authorization	<0:7.5.9-4.el8
H Improper Authentication	<0:7.3.6-3.el8_4
M Improper Certificate Validation	<0:7.5.9-4.el8
M Cross-site Scripting (XSS)	<0:7.3.6-2.el8
M Misinterpretation of Input	<0:7.3.6-2.el8
M Incorrect Calculation	<0:7.5.9-4.el8
M Cross-site Scripting (XSS)	<0:6.7.4-3.el8
M SQL Injection	<0:6.7.4-3.el8
M Incorrect Permission Assignment for Critical Resource	<0:6.7.4-3.el8
M Cross-site Scripting (XSS)	<0:6.7.4-3.el8
M Cross-site Scripting (XSS)	<0:6.7.4-3.el8
M Incorrect Permission Assignment for Critical Resource	<0:6.7.4-3.el8
M Cross-site Scripting (XSS)	<0:6.7.4-3.el8
M Cross-site Scripting (XSS)	<0:6.7.4-3.el8
H Server-Side Request Forgery (SSRF)	<0:6.3.6-2.el8_2
M Missing Authentication for Critical Function	<0:6.3.6-1.el8

Vulnerability

Vulnerable Version

Resource Exhaustion

<0:9.2.10-21.el8_10

Arbitrary Argument Injection

<0:9.2.10-21.el8_10

Use of Uninitialized Variable

<0:9.2.10-20.el8_10

Cross-site Scripting (XSS)

<0:9.2.10-20.el8_10

CVE-2024-24791

<0:9.2.10-18.el8_10