servicemesh-prometheus vulnerabilities

Known vulnerabilities in the servicemesh-prometheus package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Resource Exhaustion	*
M Open Redirect	<0:2.14.0-14.el8
C Improperly Implemented Security Check for Standard	<0:2.7.2-26.el8
C Improper Access Control	<0:2.7.2-26.el8
C Incorrect Calculation of Buffer Size	<0:2.7.2-26.el8
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Resource Exhaustion	*
H Resource Exhaustion	<0:2.14.0-3.el8
H Incorrect Regular Expression	<0:2.14.0-3.el8
M Resource Exhaustion	*
M Exposure of Private Information ('Privacy Violation')	*
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
H Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
C Out-of-bounds Read	<0:2.23.0-7.el8
C Reachable Assertion	<0:2.23.0-7.el8
C Incorrect Implementation of Authentication Algorithm	<0:2.23.0-7.el8
C Improper Handling of Highly Compressed Data (Data Amplification)	<0:2.23.0-7.el8
C NULL Pointer Dereference	<0:2.23.0-7.el8
L Resource Exhaustion	*
H Improper Authentication	<0:2.14.0-16.el8.1
H Resource Exhaustion	<0:2.14.0-16.el8.1
H Always-Incorrect Control Flow Implementation	<0:2.14.0-16.el8.1
H Time-of-check Time-of-use (TOCTOU)	<0:2.14.0-16.el8.1
H Use After Free	<0:2.14.0-16.el8.1
H Use After Free	<0:2.14.0-16.el8.1
H NULL Pointer Dereference	<0:2.14.0-16.el8.1
H Resource Exhaustion	<0:2.14.0-16.el8.1
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
M Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
M OS Command Injection	*
M OS Command Injection	*
M OS Command Injection	*
M Improper Access Control	*
M Improper Access Control	*
L Incorrect Regular Expression	*
L Incorrect Regular Expression	*
M Access of Resource Using Incompatible Type ('Type Confusion')	*
M Access of Resource Using Incompatible Type ('Type Confusion')	*
M Access of Resource Using Incompatible Type ('Type Confusion')	*
M Missing Authorization	*
H Allocation of Resources Without Limits or Throttling	*
H Allocation of Resources Without Limits or Throttling	<0:2.14.0-16.el8.1
H Resource Exhaustion	<0:2.23.0-1.el8
M Information Exposure	*
L Resource Exhaustion	*
L Resource Exhaustion	*
M Resource Exhaustion	*
H Improper Validation of Array Index	<0:2.14.0-16.el8.1
M Resource Exhaustion	*
M Improper Input Validation	*
H Loop with Unreachable Exit Condition ('Infinite Loop')	<0:2.14.0-16.el8.1
M Access of Resource Using Incompatible Type ('Type Confusion')	*
M Access of Resource Using Incompatible Type ('Type Confusion')	*
M Access of Resource Using Incompatible Type ('Type Confusion')	*
H Authorization Bypass Through User-Controlled Key	*
H Authorization Bypass Through User-Controlled Key	*
M Authorization Bypass Through User-Controlled Key	*
M OS Command Injection	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Resource Exhaustion	*
L Resource Exhaustion	*
L Resource Exhaustion	*
M Resource Exhaustion	*
L Resource Exhaustion	*
M Resource Exhaustion	*
L Resource Exhaustion	*
M Improper Input Validation	<0:2.14.0-14.el8
M Resource Exhaustion	*
M Resource Exhaustion	*
M Resource Exhaustion	*
H Resource Exhaustion	<0:2.7.2-36.el8
M Resource Exhaustion	*
L Placement of User into Incorrect Group	*
M Allocation of Resources Without Limits or Throttling	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Resource Exhaustion	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Inefficient Regular Expression Complexity	*
M Inefficient Regular Expression Complexity	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Inefficient Regular Expression Complexity	*
M Inefficient Regular Expression Complexity	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Resource Exhaustion	<0:2.14.0-18.el8.1
M Resource Exhaustion	<0:2.23.0-9.el8
L Insufficient Entropy	*
M Insufficient Entropy	<0:2.23.0-9.el8
H Exposure of Private Information ('Privacy Violation')	*
H Exposure of Private Information ('Privacy Violation')	*
M Improper Privilege Management	<0:2.23.0-9.el8
M Improper Privilege Management	*
M Integer Overflow or Wraparound	*
M Integer Overflow or Wraparound	<0:2.23.0-9.el8
M Buffer Overflow	<0:2.23.0-9.el8
M Buffer Overflow	*
M Directory Traversal	<0:2.14.0-18.el8.1
M Directory Traversal	<0:2.23.0-9.el8
M Improper Verification of Cryptographic Signature	*
M Improper Verification of Cryptographic Signature	*
M Improper Verification of Cryptographic Signature	*
M Missing Release of Resource after Effective Lifetime	*
M Resource Exhaustion	<0:2.23.0-9.el8
M Information Exposure	*
C Unchecked Return Value	<0:2.23.0-7.el8
C Incorrect Authorization	<0:2.23.0-7.el8
C Integer Overflow or Wraparound	<0:2.23.0-7.el8
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
H Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
H Improperly Controlled Modification of Dynamically-Determined Object Attributes	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Link Following	*
M Link Following	*
H Race Condition	<0:2.14.0-16.el8.1
M Directory Traversal	*
H Improper Input Validation	<0:2.14.0-16.el8.1
M Resource Exhaustion	*
M Improper Input Validation	*
M Improper Input Validation	*
L Resource Exhaustion	*
L Resource Exhaustion	*
L Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:2.14.0-14.el8
M Incorrect Calculation	*
M Incorrect Calculation	*
M Incorrect Calculation	*
M Cross-site Scripting (XSS)	<0:2.14.0-14.el8
M Improper Certificate Validation	*
M Improper Certificate Validation	*
M Improper Certificate Validation	*
L Race Condition	<0:2.14.0-20.el8
L Loop with Unreachable Exit Condition ('Infinite Loop')	<0:2.14.0-20.el8
H Resource Exhaustion	<0:2.7.2-22.el8
H Resource Exhaustion	<0:2.7.2-22.el8
M Resource Exhaustion	*
M Improper Input Validation	*
M Arbitrary Code Injection	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Arbitrary Code Injection	*
M Allocation of Resources Without Limits or Throttling	*
M Resource Exhaustion	*
M Improper Handling of Length Parameter Inconsistency	<0:2.14.0-14.el8
M Resource Exhaustion	*
H Improper Validation of Array Index	<0:2.14.0-16.el8.1
H Improper Validation of Array Index	<0:2.14.0-16.el8.1
M Improper Input Validation	*

Vulnerability

Vulnerable Version

Resource Exhaustion