rhceph/grafana-rhel9

Direct Vulnerabilities

Known vulnerabilities in the rhceph/grafana-rhel9 package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Improper Handling of Case Sensitivity

*
  • H
Link Following

*
  • H
Link Following

*
  • M
Improper Handling of Case Sensitivity

*
  • M
Information Exposure

*
  • M
Improper Authentication

*
  • M
Information Exposure

*
  • M
Improper Authentication

*
  • M
Integer Overflow or Wraparound

*
  • H
Excessive Platform Resource Consumption within a Loop

*
  • M
Cross-site Scripting (XSS)

*
  • M
Missing Release of Resource after Effective Lifetime

*
  • M
Integer Overflow or Wraparound

*
  • M
Cross-site Scripting (XSS)

*
  • M
Missing Release of Resource after Effective Lifetime

*
  • H
Cross-site Scripting (XSS)

*
  • H
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Excessive Platform Resource Consumption within a Loop

*
  • M
Excessive Platform Resource Consumption within a Loop

*
  • H
Cross-site Scripting (XSS)

*
  • M
Improperly Implemented Security Check for Standard

*
  • M
Improperly Implemented Security Check for Standard

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • H
Uncontrolled Search Path Element

*
  • H
Plaintext Storage of a Password

*
  • H
Uncontrolled Search Path Element

*
  • H
Plaintext Storage of a Password

*
  • M
Directory Traversal

*
  • M
Directory Traversal

*
  • L
Time-of-check Time-of-use (TOCTOU)

*
  • L
Time-of-check Time-of-use (TOCTOU)

*
  • M
Improper Output Neutralization for Logs

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • M
Authorization Bypass Through User-Controlled Key

*
  • M
Authorization Bypass Through User-Controlled Key

*
  • L
Missing Release of Resource after Effective Lifetime

*
  • H
Improper Validation of Unsafe Equivalence in Input

*
  • H
Release of Invalid Pointer or Reference

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Insufficient Granularity of Access Control

*
  • M
SQL Injection

*
  • M
Authorization Bypass Through User-Controlled Key

*
  • M
Least Privilege Violation

*
  • M
SQL Injection

*
  • M
Missing Required Cryptographic Step

*
  • M
Missing Required Cryptographic Step

*
  • H
OS Command Injection

*
  • M
Resource Exhaustion

*
  • L
Time-of-check Time-of-use (TOCTOU)

*
  • M
Resource Exhaustion

*
  • M
Directory Traversal

*
  • L
Time-of-check Time-of-use (TOCTOU)

*
  • M
CVE-2025-68121

*
  • M
CVE-2025-68121

*
  • M
Cross-site Scripting (XSS)

*
  • M
Insufficient Granularity of Access Control

*
  • H
Excessive Platform Resource Consumption within a Loop

*
  • M
Cross-site Scripting (XSS)

*
  • M
Directory Traversal

*
  • M
Directory Traversal

*
  • M
Insufficient Granularity of Access Control

*
  • M
Directory Traversal

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
Authorization Bypass Through User-Controlled Key

*
  • H
Authorization Bypass Through User-Controlled Key

*
  • H
Authorization Bypass Through User-Controlled Key

*
  • H
Improper Handling of Highly Compressed Data (Data Amplification)

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
File and Directory Information Exposure

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • H
Excessive Platform Resource Consumption within a Loop

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • M
Out-of-bounds Read

*
  • M
Out-of-bounds Read

*
  • L
Inefficient Regular Expression Complexity

*
  • H
Allocation of Resources Without Limits or Throttling

*
  • M
Improper Certificate Validation

*
  • L
CVE-2025-58186

*
  • L
CVE-2025-58186

*
  • M
Out-of-bounds Read

*
  • H
Excessive Platform Resource Consumption within a Loop

*
  • M
Improper Certificate Validation

*
  • M
Improper Check or Handling of Exceptional Conditions

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Incorrect Behavior Order: Early Validation

*
  • M
Integer Overflow or Wraparound

*
  • H
OS Command Injection

*
  • H
Resource Exhaustion

*
  • H
OS Command Injection

*
  • M
Resource Exhaustion

*
  • M
Uncontrolled Recursion

*
  • M
Improper Validation of Syntactic Correctness of Input

*
  • M
Improper Validation of Syntactic Correctness of Input

*
  • M
Creation of Immutable Text Using String Concatenation

*
  • M
Creation of Immutable Text Using String Concatenation

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Expected Behavior Violation

*
  • M
Expected Behavior Violation

*
  • M
Expected Behavior Violation

*
  • M
Race Condition

*
  • M
Race Condition

*
  • M
Race Condition

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • L
Improper Validation of Specified Type of Input

*
  • L
Improper Validation of Specified Type of Input

*
  • L
Improper Validation of Specified Type of Input

*
  • M
Missing Initialization of Resource

*
  • L
Missing Initialization of Resource

*
  • M
Missing Initialization of Resource

*
  • L
Missing Initialization of Resource

*
  • L
Missing Initialization of Resource

*
  • M
Missing Initialization of Resource

*
  • M
CVE-2025-4673

*
  • M
CVE-2025-4673

*
  • L
Improper Input Validation

*
  • L
Improper Input Validation

*
  • L
Improper Input Validation

*