grafana-selinux vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the grafana-selinux package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
M Expected Behavior Violation	*
M Expected Behavior Violation	*
M Allocation of Resources Without Limits or Throttling	*
H Inefficient Regular Expression Complexity	*
L Inefficient Regular Expression Complexity	*
L Link Following	*
M Time-of-check Time-of-use (TOCTOU)	*
M Inefficient Regular Expression Complexity	*
L Open Redirect	*
M Use of Insufficiently Random Values	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M CVE-2025-4673	*
L Inefficient Regular Expression Complexity	*
L Improper Input Validation	*
M Origin Validation Error	*
M Exposed Dangerous Method or Function	*
M Inefficient Regular Expression Complexity	*
M Improper Access Control	*
M Improper Certificate Validation	*
H Cross-site Scripting (XSS)	<0:9.2.10-23.el8_10
M Inefficient Regular Expression Complexity	*
L Insufficient Entropy	*
M Incomplete Filtering of Special Elements	*
M Inefficient Regular Expression Complexity	*
M Inefficient Regular Expression Complexity	*
M Inefficient Regular Expression Complexity	*
M HTTP Request Smuggling	<0:9.2.10-25.el8_10
M Improper Input Validation	*
M Cross-site Scripting (XSS)	*
M Arbitrary Code Injection	*
M Server-Side Request Forgery (SSRF)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Information Exposure	*
L Information Exposure	*
L Improper Verification of Cryptographic Signature	*
M Information Exposure	*
L Resource Exhaustion	*
H Arbitrary Argument Injection	<0:9.2.10-21.el8_10
H Resource Exhaustion	<0:9.2.10-21.el8_10
M CRLF Injection	*
L Improper Handling of Exceptional Conditions	*
L Authorization Bypass Through User-Controlled Key	*
M Resource Exhaustion	*
H Cross-site Scripting (XSS)	<0:9.2.10-20.el8_10
H Improper Verification of Cryptographic Signature	*
M Use of Uninitialized Variable	*
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
H Use of Uninitialized Variable	<0:9.2.10-20.el8_10
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Insufficient Compartmentalization	*
M Insufficiently Protected Credentials	*
M Missing Required Cryptographic Step	*
M Improper Verification of Cryptographic Signature	*
M CVE-2022-39201	*
M Incorrect Implementation of Authentication Algorithm	*
M Information Exposure	*
M Insufficiently Protected Credentials	*
M Improper Verification of Cryptographic Signature	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Improper Input Validation	<0:9.2.10-18.el8_10
M Misinterpretation of Input	<0:9.2.10-17.el8_10
M Improper Input Validation	<0:9.2.10-17.el8_10
M Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Resource Exhaustion	*
M External Control of Assumed-Immutable Web Parameter	*
M Allocation of Resources Without Limits or Throttling	*
M Arbitrary Code Injection	*
M Allocation of Resources Without Limits or Throttling	*
M Resource Exhaustion	*
M Misinterpretation of Input	*
M Arbitrary Code Injection	*
M Resource Exhaustion	*
M Information Exposure	*
M Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:9.2.10-17.el8_10
M Improper Input Validation	*
M Cross-site Scripting (XSS)	*
M Buffer Access with Incorrect Length Value	*
M Cross-site Scripting (XSS)	*
M Authentication Bypass	*
M Information Exposure	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Input Validation	*
H Memory Leak	<0:9.2.10-16.el8_10
H Authorization Bypass Through User-Controlled Key	<0:9.2.10-16.el8_10

Vulnerability

Vulnerable Version

Expected Behavior Violation