Homepage

grafana vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the grafana package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Improper Output Neutralization for Logs

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Cross-site Scripting (XSS)

*
  • M
Expected Behavior Violation

*
  • M
Expected Behavior Violation

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Resource Exhaustion

*
  • L
Open Redirect

*
  • L
Authorization Bypass Through User-Controlled Key

*
  • M
Insufficiently Protected Credentials

*
  • M
Insufficient Compartmentalization

*
  • M
Inefficient Regular Expression Complexity

*
  • M
CVE-2025-4673

*
  • H
Cross-site Scripting (XSS)

*
  • L
Improper Input Validation

*
  • L
Improper Input Validation

*
  • M
HTTP Request Smuggling

<0:10.2.6-18.el10_0
  • M
Origin Validation Error

*
  • M
Exposed Dangerous Method or Function

*
  • M
Improper Access Control

*
  • M
Arbitrary Code Injection

*
  • M
Cross-site Scripting (XSS)

*
  • L
Information Exposure

*
  • L
Improper Handling of Exceptional Conditions

*
  • L
Improper Verification of Cryptographic Signature

*
  • M
Improper Input Validation

*
  • M
Incomplete Filtering of Special Elements

*
  • M
CRLF Injection

*
  • M
Information Exposure

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Cross-site Scripting (XSS)

*
  • M
Information Exposure

*
  • H
Cross-site Scripting (XSS)

<0:10.2.6-17.el10_0
  • H
Asymmetric Resource Consumption (Amplification)

<0:10.2.6-15.el10_0
  • H
Resource Exhaustion

*
  • H
Resource Exhaustion

*
  • H
Resource Exhaustion

*
  • H
Improper Validation of Syntactic Correctness of Input

*
  • M
Resource Exhaustion

*
  • M
Directory Traversal

*
  • M
Directory Traversal

*
  • H
Resource Exhaustion

*
  • H
Resource Exhaustion

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Buffer Overflow

*
  • M
Buffer Overflow

*
  • M
Buffer Overflow

*
  • M
Integer Overflow or Wraparound

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • L
Improper Input Validation

*
  • L
Improper Validation of Array Index

*
  • L
Improper Validation of Array Index

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Arbitrary Code Injection

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Resource Exhaustion

*
  • M
Out-of-bounds Read

*
  • M
Improper Certificate Validation

*
  • L
Race Condition

*
  • L
Race Condition

*
  • L
Directory Traversal

*
  • L
Directory Traversal

*
  • L
Directory Traversal

*
  • L
Directory Traversal

*
  • M
Incorrect Permission Assignment for Critical Resource

*
  • M
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • L
Directory Traversal

*
  • L
Directory Traversal

*
  • L
Directory Traversal

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Integer Overflow or Wraparound

*
  • M
Integer Overflow or Wraparound

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Race Condition

*
  • M
Race Condition

*
  • M
Race Condition

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Information Exposure

*
  • M
Information Exposure

*
  • M
Information Exposure

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • L
Cross-site Scripting (XSS)

*
  • L
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Incorrect Permission Assignment for Critical Resource

*
  • M
Incorrect Permission Assignment for Critical Resource

*
  • M
Incorrect Permission Assignment for Critical Resource

*
  • L
Information Exposure

*
  • L
Information Exposure

*
  • M
Information Exposure

*
  • L
Open Redirect

*
  • L
Open Redirect

*
  • M
Open Redirect

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • H
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • L
Arbitrary Code Injection

*
  • L
Arbitrary Code Injection

*
  • M
Improper Privilege Management

*
  • M
Open Redirect

*
  • M
Open Redirect

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Insufficient Granularity of Access Control

*
  • M
Insufficient Granularity of Access Control

*
  • M
Out-of-bounds Read

*
  • M
Out-of-bounds Read

*
  • M
Out-of-bounds Read

*
  • M
Out-of-Bounds

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Out-of-Bounds

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Authorization Bypass Through User-Controlled Key

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Incorrect Authorization

*
  • M
Incorrect Authorization

*
  • L
Resource Exhaustion

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • H
Improper Authentication

*
  • L
Information Exposure

*
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • L
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Information Exposure

*
  • M
Information Exposure

*
  • M
Information Exposure

*
  • M
Information Exposure

*
  • M
Information Exposure

*
  • M
Information Exposure

*
  • M
Improper Authentication

*
  • M
Improper Authentication

*
  • M
Improper Authentication

*
  • L
Cross-site Scripting (XSS)

*
  • L
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • M
Improper Input Validation

*
  • L
Resource Exhaustion

*
  • L
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Improper Input Validation

*
  • M
Cross-site Scripting (XSS)

*
  • M
Improper Input Validation

*
  • M
Buffer Overflow

*
  • M
Buffer Overflow

*
  • M
Buffer Overflow

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Authorization Bypass Through User-Controlled Key

*
  • H
Authorization Bypass Through User-Controlled Key

*
  • H
Authorization Bypass Through User-Controlled Key

*
  • M
Information Exposure

*
  • M
Information Exposure

*
  • M
Information Exposure

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • H
NULL Pointer Dereference

*
  • H
Cross-site Scripting (XSS)

*
  • H
Cross-site Scripting (XSS)

*
  • M
Arbitrary Code Injection

*
  • M
Arbitrary Code Injection

*
  • M
Missing Synchronization

*
  • M
Missing Synchronization

*
  • M
Improper Access Control

*
  • M
Improper Access Control

*
  • M
Incorrect Calculation

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Incorrect Calculation

*
  • M
Information Exposure

*
  • M
Information Exposure

*
  • M
Incorrect Calculation

*
  • M
Cross-site Scripting (XSS)

*
  • M
Authentication Bypass

*
  • M
Authentication Bypass

*
  • L
Authorization Bypass Through User-Controlled Key

*