grafana-selinux vulnerabilities

Known vulnerabilities in the grafana-selinux package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Origin Validation Error	*
M Exposed Dangerous Method or Function	*
M Inefficient Regular Expression Complexity	*
M Improper Access Control	*
M Improper Certificate Validation	*
H Cross-site Scripting (XSS)	<0:9.2.10-23.el8_10
M Inefficient Regular Expression Complexity	*
L Insufficient Entropy	*
M Incomplete Filtering of Special Elements	*
M Inefficient Regular Expression Complexity	*
M Inefficient Regular Expression Complexity	*
M Inefficient Regular Expression Complexity	*
M HTTP Request Smuggling	*
M Improper Input Validation	*
M Cross-site Scripting (XSS)	*
M Arbitrary Code Injection	*
M Server-Side Request Forgery (SSRF)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Information Exposure	*
L Information Exposure	*
L Improper Verification of Cryptographic Signature	*
M Information Exposure	*
L Resource Exhaustion	*
H Arbitrary Argument Injection	<0:9.2.10-21.el8_10
H Resource Exhaustion	<0:9.2.10-21.el8_10
M CRLF Injection	*
L Improper Handling of Exceptional Conditions	*
L Authorization Bypass Through User-Controlled Key	*
M Resource Exhaustion	*
H Cross-site Scripting (XSS)	<0:9.2.10-20.el8_10
H Improper Verification of Cryptographic Signature	*
M Use of Uninitialized Variable	*
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
H Use of Uninitialized Variable	<0:9.2.10-20.el8_10
H Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Insufficient Compartmentalization	*
M Insufficiently Protected Credentials	*
M Missing Required Cryptographic Step	*
M Missing Required Cryptographic Step	*
M CVE-2022-39201	*
M Incorrect Implementation of Authentication Algorithm	*
M Information Exposure	*
M Insufficiently Protected Credentials	*
M Improper Verification of Cryptographic Signature	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Improper Input Validation	<0:9.2.10-18.el8_10
M Misinterpretation of Input	<0:9.2.10-17.el8_10
M Improper Input Validation	<0:9.2.10-17.el8_10
M Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Resource Exhaustion	*
M External Control of Assumed-Immutable Web Parameter	*
M Allocation of Resources Without Limits or Throttling	*
M Arbitrary Code Injection	*
M Allocation of Resources Without Limits or Throttling	*
M Resource Exhaustion	*
M Misinterpretation of Input	*
M Arbitrary Code Injection	*
M Resource Exhaustion	*
M Information Exposure	*
M Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	<0:9.2.10-17.el8_10
M Improper Input Validation	*
M Cross-site Scripting (XSS)	*
M CVE-2023-39321	*
M Cross-site Scripting (XSS)	*
M Authentication Bypass	*
M Information Exposure	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Input Validation	*
H Memory Leak	<0:9.2.10-16.el8_10
H Authorization Bypass Through User-Controlled Key	<0:9.2.10-16.el8_10

Vulnerability

Vulnerable Version

Origin Validation Error