golang-github-prometheus-promu vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the golang-github-prometheus-promu package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
M Expected Behavior Violation	*
M Expected Behavior Violation	*
M Time-of-check Time-of-use (TOCTOU)	*
M CVE-2025-4673	*
M HTTP Request Smuggling	*
M Improper Input Validation	*
M Information Exposure	*
L Improper Verification of Cryptographic Signature	*
M Use of Uninitialized Variable	*
M Improperly Controlled Sequential Memory Allocation	*
M Uncontrolled Recursion	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
M Improper Input Validation	*
L Information Exposure	<0:0-2.git85ceabc.el7
M Improper Input Validation	<0:0-2.git85ceabc.el7
M Improper Authentication	<0:0-1.git85ceabc.el7
M Improper Authorization	<0:0-2.git85ceabc.el7
H Improper Access Control	<0:0-5.git85ceabc.el7
M Resource Exhaustion	*
M Improperly Controlled Sequential Memory Allocation	*
L Insufficient Entropy	*
M Integer Overflow or Wraparound	*
M Incorrect Calculation	*
L Race Condition	*
L Race Condition	<0:0.5.0-3.git642a960.el7
L Loop with Unreachable Exit Condition ('Infinite Loop')	<0:0.5.0-3.git642a960.el7
L Loop with Unreachable Exit Condition ('Infinite Loop')	*
M HTTP Request Smuggling	*
H Resource Exhaustion	<0:0.5.0-2.git642a960.el7
H Resource Exhaustion	<0:0-5.git85ceabc.el7
H Resource Exhaustion	<0:0-5.git85ceabc.el7
H Resource Exhaustion	<0:0-5.git85ceabc.el7
H Resource Exhaustion	<0:0.5.0-2.git642a960.el7
H Resource Exhaustion	<0:0-5.git85ceabc.el7