grafana-selinux vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the grafana-selinux package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Allocation of Resources Without Limits or Throttling	<0:10.2.6-17.el9_7
M Allocation of Resources Without Limits or Throttling	<0:10.2.6-17.el9_7
M Integer Overflow or Wraparound	*
M Allocation of Resources Without Limits or Throttling	<0:10.2.6-16.el9_6
M Allocation of Resources Without Limits or Throttling	<0:10.2.6-16.el9_6
M Allocation of Resources Without Limits or Throttling	<0:10.2.6-16.el9_6
M Information Exposure	*
H Cross-site Scripting (XSS)	*
M Uncontrolled Recursion	*
M Open Redirect	*
M Reachable Assertion	*
M Creation of Immutable Text Using String Concatenation	*
M Allocation of Resources Without Limits or Throttling	<0:10.2.6-17.el9_7
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Output Neutralization for Logs	*
M Expected Behavior Violation	*
M Expected Behavior Violation	*
M Allocation of Resources Without Limits or Throttling	*
H Inefficient Regular Expression Complexity	*
M Memory Leak	<0:9.2.10-16.el9_4
M Authorization Bypass Through User-Controlled Key	<0:9.2.10-16.el9_4
M Memory Leak	<0:9.2.10-16.el9_4
M Authorization Bypass Through User-Controlled Key	<0:9.2.10-16.el9_4
M Memory Leak	<0:9.2.10-16.el9_4
M Authorization Bypass Through User-Controlled Key	<0:9.2.10-16.el9_4
M Memory Leak	<0:9.2.10-16.el9_4
M Authorization Bypass Through User-Controlled Key	<0:9.2.10-16.el9_4
H Uncontrolled Recursion	<0:10.2.6-7.el9_5
H Use of Uninitialized Variable	<0:9.2.10-19.el9_4
H Use of Uninitialized Variable	<0:9.2.10-19.el9_4
H Use of Uninitialized Variable	<0:9.2.10-19.el9_4
H Use of Uninitialized Variable	<0:9.2.10-19.el9_4
H Cross-site Scripting (XSS)	<0:10.2.6-7.el9_5
H Cross-site Scripting (XSS)	<0:9.2.10-19.el9_4
H Uncontrolled Recursion	<0:9.2.10-17.el9_4
H Cross-site Scripting (XSS)	<0:10.2.6-7.el9_5
H Uncontrolled Recursion	<0:10.2.6-7.el9_5
H Cross-site Scripting (XSS)	<0:10.2.6-7.el9_5
H Uncontrolled Recursion	<0:10.2.6-7.el9_5
M HTTP Request Smuggling	<0:10.2.6-14.el9_6
M Information Exposure Through Log Files	<0:10.2.6-4.el9
M Improper Input Validation	<0:10.2.6-4.el9
M Misinterpretation of Input	<0:10.2.6-4.el9
M Improper Input Validation	<0:10.2.6-4.el9
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:10.2.6-4.el9
M HTTP Request Smuggling	<0:10.2.6-14.el9_6
M Information Exposure Through Log Files	<0:10.2.6-4.el9
M Improper Input Validation	<0:10.2.6-4.el9
M Misinterpretation of Input	<0:10.2.6-4.el9
M Improper Input Validation	<0:10.2.6-4.el9
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:10.2.6-4.el9
M Information Exposure Through Log Files	<0:10.2.6-4.el9
M Improper Input Validation	<0:10.2.6-4.el9
M Misinterpretation of Input	<0:10.2.6-4.el9
M Improper Input Validation	<0:10.2.6-4.el9
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:10.2.6-4.el9
M Information Exposure Through Log Files	<0:10.2.6-4.el9
M Improper Input Validation	<0:10.2.6-4.el9
M Misinterpretation of Input	<0:10.2.6-4.el9
M Improper Input Validation	<0:10.2.6-4.el9
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:10.2.6-4.el9
H Cross-site Scripting (XSS)	<0:10.2.6-13.el9_6
H Cross-site Scripting (XSS)	<0:10.2.6-13.el9_6
H Cross-site Scripting (XSS)	<0:10.2.6-13.el9_6
H Cross-site Scripting (XSS)	<0:10.2.6-13.el9_6
H Asymmetric Resource Consumption (Amplification)	<0:10.2.6-11.el9_6
H Asymmetric Resource Consumption (Amplification)	<0:10.2.6-11.el9_6
H Asymmetric Resource Consumption (Amplification)	<0:10.2.6-9.el9_5
M HTTP Request Smuggling	<0:10.2.6-14.el9_6
H Asymmetric Resource Consumption (Amplification)	<0:10.2.6-11.el9_6
M HTTP Request Smuggling	<0:10.2.6-14.el9_6
M Time-of-check Time-of-use (TOCTOU)	*
L Link Following	*
M Allocation of Resources Without Limits or Throttling	*
M Inefficient Regular Expression Complexity	*
L Open Redirect	*
M Use of Insufficiently Random Values	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M CVE-2025-4673	*
L Improper Input Validation	*
L Inefficient Regular Expression Complexity	*
L Improper Input Validation	*
M HTTP Request Smuggling	<0:10.2.6-14.el9_6
H Cross-site Scripting (XSS)	<0:9.2.10-23.el9_4
H HTTP Request Smuggling	<0:9.2.10-23.el9_4
H Cross-site Scripting (XSS)	<0:9.2.10-23.el9_4
H HTTP Request Smuggling	<0:9.2.10-23.el9_4
H Cross-site Scripting (XSS)	<0:9.2.10-23.el9_4
H HTTP Request Smuggling	<0:9.2.10-23.el9_4
M Origin Validation Error	*
M Exposed Dangerous Method or Function	*
M Improper Access Control	*
H Cross-site Scripting (XSS)	<0:10.2.6-13.el9_6
H Cross-site Scripting (XSS)	<0:10.2.6-13.el9_6
M Inefficient Regular Expression Complexity	*
M Incomplete Filtering of Special Elements	*
M Inefficient Regular Expression Complexity	*
M Inefficient Regular Expression Complexity	*
M Inefficient Regular Expression Complexity	*
M Cross-site Scripting (XSS)	*
M HTTP Request Smuggling	*
H Asymmetric Resource Consumption (Amplification)	<0:9.2.10-22.el9_4
H Asymmetric Resource Consumption (Amplification)	<0:9.2.10-22.el9_4
H Asymmetric Resource Consumption (Amplification)	<0:9.2.10-22.el9_4
H Asymmetric Resource Consumption (Amplification)	<0:10.2.6-11.el9_6
H Asymmetric Resource Consumption (Amplification)	<0:10.2.6-11.el9_6
M Improper Input Validation	*
M Cross-site Scripting (XSS)	*
H Resource Exhaustion	<0:9.2.10-21.el9_4
H Arbitrary Argument Injection	<0:9.2.10-21.el9_4
H Use of Uninitialized Variable	<0:9.2.10-19.el9_4
H Cross-site Scripting (XSS)	<0:9.2.10-19.el9_4
H Use of Uninitialized Variable	<0:9.2.10-19.el9_4
H Cross-site Scripting (XSS)	<0:9.2.10-19.el9_4
H Resource Exhaustion	<0:9.2.10-21.el9_4
H Arbitrary Argument Injection	<0:9.2.10-21.el9_4
M Information Exposure Through Log Files	<0:10.2.6-4.el9
M Improper Input Validation	<0:10.2.6-4.el9
M Misinterpretation of Input	<0:10.2.6-4.el9
M Improper Input Validation	<0:10.2.6-4.el9
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:10.2.6-4.el9
H Use of Uninitialized Variable	<0:9.2.10-19.el9_4
M Server-Side Request Forgery (SSRF)	*
M Arbitrary Code Injection	*
H Uncontrolled Recursion	<0:9.2.10-17.el9_4
H Cross-site Scripting (XSS)	<0:10.2.6-7.el9_5
H Uncontrolled Recursion	<0:9.2.10-17.el9_4
H Uncontrolled Recursion	<0:10.2.6-7.el9_5
M Memory Leak	<0:9.2.10-16.el9_4
M Authorization Bypass Through User-Controlled Key	<0:9.2.10-16.el9_4
M Memory Leak	<0:9.2.10-16.el9_4
M Authorization Bypass Through User-Controlled Key	<0:9.2.10-16.el9_4
M Memory Leak	<0:9.2.10-16.el9_4
M Authorization Bypass Through User-Controlled Key	<0:9.2.10-16.el9_4
M Cross-site Scripting (XSS)	*
M Information Exposure	*
L Information Exposure	*
L Improper Verification of Cryptographic Signature	*
M Information Exposure	*
H Resource Exhaustion	<0:9.2.10-21.el9_4
H Arbitrary Argument Injection	<0:9.2.10-21.el9_4
H Resource Exhaustion	*
H Arbitrary Argument Injection	*
M CRLF Injection	*
L Improper Handling of Exceptional Conditions	*
L Authorization Bypass Through User-Controlled Key	*
H Use of Uninitialized Variable	<0:9.2.10-19.el9_4
H Cross-site Scripting (XSS)	<0:9.2.10-19.el9_4
H Cross-site Scripting (XSS)	<0:10.2.6-7.el9_5
M Use of Uninitialized Variable	*
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
H Use of Uninitialized Variable	<0:9.2.10-19.el9_4
M Insufficient Compartmentalization	*
H Uncontrolled Recursion	<0:9.2.10-17.el9_4
M Insufficiently Protected Credentials	*
M Inefficient Regular Expression Complexity	*
M Improperly Controlled Sequential Memory Allocation	*
H Uncontrolled Recursion	<0:10.2.6-7.el9_5
M Uncontrolled Recursion	*
M Memory Leak	<0:9.2.10-16.el9_4
M Authorization Bypass Through User-Controlled Key	<0:9.2.10-16.el9_4
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Improper Input Validation	<0:10.2.6-4.el9
M Information Exposure Through Log Files	<0:10.2.6-4.el9
M Improper Input Validation	<0:10.2.6-4.el9
M Misinterpretation of Input	<0:10.2.6-4.el9
M Resource Exhaustion	*
M Authentication Bypass	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Resource Exhaustion	*
L Resource Exhaustion	*
M Resource Exhaustion	*
M Arbitrary Code Injection	*
M Arbitrary Code Injection	*
M Improper Input Validation	*
M Misinterpretation of Input	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:10.2.6-4.el9
M Information Exposure	*
M Information Exposure	*
M Buffer Access with Incorrect Length Value	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Allocation of Resources Without Limits or Throttling	*
M Resource Exhaustion	*
L Insufficient Entropy	*
M Improper Input Validation	*
M Memory Leak	<0:9.2.10-16.el9_4
M Authorization Bypass Through User-Controlled Key	<0:9.2.10-16.el9_4

Vulnerability

Vulnerable Version

Allocation of Resources Without Limits or Throttling

<0:10.2.6-17.el9_7