Homepage

grafana vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the grafana package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free
VulnerabilityVulnerable Version
  • M
Expected Behavior Violation

*
  • M
Expected Behavior Violation

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Authorization Bypass Through User-Controlled Key

<0:9.2.10-16.el9_4
  • M
Authorization Bypass Through User-Controlled Key

<0:9.2.10-16.el9_4
  • C
Authentication Bypass by Primary Weakness

<0:9.0.9-3.el9_2
  • M
Authorization Bypass Through User-Controlled Key

<0:9.2.10-16.el9_4
  • M
Authorization Bypass Through User-Controlled Key

<0:9.2.10-16.el9_4
  • M
Memory Leak

<0:9.2.10-16.el9_4
  • M
Memory Leak

<0:9.2.10-16.el9_4
  • C
Authentication Bypass by Primary Weakness

<0:9.0.9-3.el9_2
  • C
Authentication Bypass by Primary Weakness

<0:9.0.9-3.el9_2
  • M
Memory Leak

<0:9.2.10-16.el9_4
  • M
Memory Leak

<0:9.2.10-16.el9_4
  • M
Resource Exhaustion

<0:9.2.10-7.el9_3
  • M
Allocation of Resources Without Limits or Throttling

<0:9.2.10-7.el9_3
  • M
External Control of Assumed-Immutable Web Parameter

<0:9.2.10-7.el9_3
  • M
Information Exposure

<0:9.2.10-7.el9_3
  • M
Incorrect Implementation of Authentication Algorithm

<0:9.2.10-7.el9_3
  • M
CVE-2022-39201

<0:9.2.10-7.el9_3
  • M
Insufficiently Protected Credentials

<0:9.2.10-7.el9_3
  • M
Improper Verification of Cryptographic Signature

<0:9.2.10-7.el9_3
  • M
Cross-site Scripting (XSS)

<0:9.2.10-7.el9_3
  • M
Resource Exhaustion

<0:9.2.10-7.el9_3
  • M
Allocation of Resources Without Limits or Throttling

<0:9.2.10-7.el9_3
  • M
External Control of Assumed-Immutable Web Parameter

<0:9.2.10-7.el9_3
  • M
Information Exposure

<0:9.2.10-7.el9_3
  • M
Incorrect Implementation of Authentication Algorithm

<0:9.2.10-7.el9_3
  • M
CVE-2022-39201

<0:9.2.10-7.el9_3
  • M
Insufficiently Protected Credentials

<0:9.2.10-7.el9_3
  • M
Improper Verification of Cryptographic Signature

<0:9.2.10-7.el9_3
  • M
Cross-site Scripting (XSS)

<0:9.2.10-7.el9_3
  • C
Authentication Bypass by Primary Weakness

<0:9.0.9-3.el9_2
  • C
Authentication Bypass by Primary Weakness

<0:9.0.9-3.el9_2
  • C
Authentication Bypass by Primary Weakness

<0:9.0.9-3.el9_2
  • C
Authentication Bypass by Primary Weakness

<0:9.0.9-3.el9_2
  • M
CVE-2022-41715

<0:9.0.9-2.el9
  • M
Improper Authentication

<0:9.0.9-2.el9
  • M
Authentication Bypass

<0:9.0.9-2.el9
  • M
HTTP Request Smuggling

<0:9.0.9-2.el9
  • M
Resource Exhaustion

<0:9.0.9-2.el9
  • M
CVE-2022-41715

<0:9.0.9-2.el9
  • M
Improper Authentication

<0:9.0.9-2.el9
  • M
Authentication Bypass

<0:9.0.9-2.el9
  • M
HTTP Request Smuggling

<0:9.0.9-2.el9
  • M
Resource Exhaustion

<0:9.0.9-2.el9
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • H
Uncontrolled Recursion

<0:10.2.6-7.el9_5
  • H
Use of Uninitialized Variable

<0:9.2.10-19.el9_4
  • H
Use of Uninitialized Variable

<0:9.2.10-19.el9_4
  • H
Use of Uninitialized Variable

<0:9.2.10-19.el9_4
  • H
Use of Uninitialized Variable

<0:9.2.10-19.el9_4
  • H
Cross-site Scripting (XSS)

<0:10.2.6-7.el9_5
  • H
Cross-site Scripting (XSS)

<0:9.2.10-19.el9_4
  • H
Uncontrolled Recursion

<0:9.2.10-17.el9_4
  • H
Cross-site Scripting (XSS)

<0:10.2.6-7.el9_5
  • H
Uncontrolled Recursion

<0:10.2.6-7.el9_5
  • H
Cross-site Scripting (XSS)

<0:10.2.6-7.el9_5
  • H
Uncontrolled Recursion

<0:10.2.6-7.el9_5
  • M
HTTP Request Smuggling

<0:10.2.6-14.el9_6
  • M
Information Exposure Through Log Files

<0:10.2.6-4.el9
  • M
Improper Input Validation

<0:10.2.6-4.el9
  • M
Misinterpretation of Input

<0:10.2.6-4.el9
  • M
Improper Input Validation

<0:10.2.6-4.el9
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:10.2.6-4.el9
  • M
HTTP Request Smuggling

<0:10.2.6-14.el9_6
  • M
Information Exposure Through Log Files

<0:10.2.6-4.el9
  • M
Improper Input Validation

<0:10.2.6-4.el9
  • M
Misinterpretation of Input

<0:10.2.6-4.el9
  • M
Improper Input Validation

<0:10.2.6-4.el9
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:10.2.6-4.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Incorrect Authorization

<0:7.5.15-3.el9
  • H
Cross-site Request Forgery (CSRF)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Missing Release of Resource after Effective Lifetime

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
HTTP Request Smuggling

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • M
Information Exposure Through Log Files

<0:10.2.6-4.el9
  • M
Improper Input Validation

<0:10.2.6-4.el9
  • M
Misinterpretation of Input

<0:10.2.6-4.el9
  • M
Improper Input Validation

<0:10.2.6-4.el9
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:10.2.6-4.el9
  • M
Information Exposure Through Log Files

<0:10.2.6-4.el9
  • M
Improper Input Validation

<0:10.2.6-4.el9
  • M
Misinterpretation of Input

<0:10.2.6-4.el9
  • M
Improper Input Validation

<0:10.2.6-4.el9
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:10.2.6-4.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Incorrect Authorization

<0:7.5.15-3.el9
  • H
Cross-site Request Forgery (CSRF)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Missing Release of Resource after Effective Lifetime

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
HTTP Request Smuggling

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:10.2.6-13.el9_6
  • H
Cross-site Scripting (XSS)

<0:10.2.6-13.el9_6
  • H
Cross-site Scripting (XSS)

<0:10.2.6-13.el9_6
  • H
Cross-site Scripting (XSS)

<0:10.2.6-13.el9_6
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • H
Asymmetric Resource Consumption (Amplification)

<0:10.2.6-11.el9_6
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • H
Asymmetric Resource Consumption (Amplification)

<0:10.2.6-11.el9_6
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • H
Asymmetric Resource Consumption (Amplification)

<0:10.2.6-9.el9_5
  • M
Resource Exhaustion

<0:9.2.10-7.el9_3
  • M
Allocation of Resources Without Limits or Throttling

<0:9.2.10-7.el9_3
  • M
External Control of Assumed-Immutable Web Parameter

<0:9.2.10-7.el9_3
  • M
Information Exposure

<0:9.2.10-7.el9_3
  • M
Incorrect Implementation of Authentication Algorithm

<0:9.2.10-7.el9_3
  • M
CVE-2022-39201

<0:9.2.10-7.el9_3
  • M
Insufficiently Protected Credentials

<0:9.2.10-7.el9_3
  • M
Improper Verification of Cryptographic Signature

<0:9.2.10-7.el9_3
  • M
Cross-site Scripting (XSS)

<0:9.2.10-7.el9_3
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
CVE-2022-41715

<0:9.0.9-2.el9
  • M
Improper Authentication

<0:9.0.9-2.el9
  • M
Authentication Bypass

<0:9.0.9-2.el9
  • M
HTTP Request Smuggling

<0:9.0.9-2.el9
  • M
Resource Exhaustion

<0:9.0.9-2.el9
  • M
HTTP Request Smuggling

<0:10.2.6-14.el9_6
  • M
CVE-2022-41715

<0:9.0.9-2.el9
  • M
Improper Authentication

<0:9.0.9-2.el9
  • M
Authentication Bypass

<0:9.0.9-2.el9
  • M
HTTP Request Smuggling

<0:9.0.9-2.el9
  • M
Resource Exhaustion

<0:9.0.9-2.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Incorrect Authorization

<0:7.5.15-3.el9
  • H
Cross-site Request Forgery (CSRF)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Missing Release of Resource after Effective Lifetime

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
HTTP Request Smuggling

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Incorrect Authorization

<0:7.5.15-3.el9
  • H
Cross-site Request Forgery (CSRF)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Missing Release of Resource after Effective Lifetime

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
HTTP Request Smuggling

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Asymmetric Resource Consumption (Amplification)

<0:10.2.6-11.el9_6
  • M
HTTP Request Smuggling

<0:10.2.6-14.el9_6
  • M
Resource Exhaustion

<0:9.2.10-7.el9_3
  • M
Allocation of Resources Without Limits or Throttling

<0:9.2.10-7.el9_3
  • M
External Control of Assumed-Immutable Web Parameter

<0:9.2.10-7.el9_3
  • M
Information Exposure

<0:9.2.10-7.el9_3
  • M
Incorrect Implementation of Authentication Algorithm

<0:9.2.10-7.el9_3
  • M
CVE-2022-39201

<0:9.2.10-7.el9_3
  • M
Insufficiently Protected Credentials

<0:9.2.10-7.el9_3
  • M
Improper Verification of Cryptographic Signature

<0:9.2.10-7.el9_3
  • M
Cross-site Scripting (XSS)

<0:9.2.10-7.el9_3
  • M
Time-of-check Time-of-use (TOCTOU)

*
  • L
Link Following

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Inefficient Regular Expression Complexity

*
  • L
Open Redirect

*
  • M
Use of Insufficiently Random Values

*
  • M
CVE-2025-4673

*
  • L
Improper Input Validation

*
  • L
Inefficient Regular Expression Complexity

*
  • L
Improper Input Validation

*
  • M
HTTP Request Smuggling

<0:7.5.11-11.el9_0
  • H
Cross-site Scripting (XSS)

<0:9.0.9-8.el9_2
  • H
HTTP Request Smuggling

<0:9.0.9-8.el9_2
  • M
HTTP Request Smuggling

<0:10.2.6-14.el9_6
  • H
Cross-site Scripting (XSS)

<0:7.5.11-10.el9_0
  • H
Cross-site Scripting (XSS)

<0:9.2.10-23.el9_4
  • H
HTTP Request Smuggling

<0:9.2.10-23.el9_4
  • H
Cross-site Scripting (XSS)

<0:9.2.10-23.el9_4
  • H
HTTP Request Smuggling

<0:9.2.10-23.el9_4
  • H
Cross-site Scripting (XSS)

<0:9.2.10-23.el9_4
  • H
HTTP Request Smuggling

<0:9.2.10-23.el9_4
  • M
Origin Validation Error

*
  • M
Exposed Dangerous Method or Function

*
  • M
Improper Access Control

*
  • H
Cross-site Scripting (XSS)

<0:10.2.6-13.el9_6
  • H
Cross-site Scripting (XSS)

<0:10.2.6-13.el9_6
  • M
Incomplete Filtering of Special Elements

*
  • M
Cross-site Scripting (XSS)

*
  • M
HTTP Request Smuggling

*
  • H
Asymmetric Resource Consumption (Amplification)

<0:9.0.9-6.el9_2
  • H
Asymmetric Resource Consumption (Amplification)

<0:9.2.10-22.el9_4
  • H
Asymmetric Resource Consumption (Amplification)

<0:9.0.9-6.el9_2
  • H
Asymmetric Resource Consumption (Amplification)

<0:9.0.9-6.el9_2
  • H
Asymmetric Resource Consumption (Amplification)

<0:9.2.10-22.el9_4
  • H
Asymmetric Resource Consumption (Amplification)

<0:9.2.10-22.el9_4
  • H
Asymmetric Resource Consumption (Amplification)

<0:10.2.6-11.el9_6
  • H
Asymmetric Resource Consumption (Amplification)

<0:10.2.6-11.el9_6
  • M
Improper Input Validation

*
  • H
Resource Exhaustion

<0:9.2.10-21.el9_4
  • H
Arbitrary Argument Injection

<0:9.2.10-21.el9_4
  • H
Use of Uninitialized Variable

<0:9.2.10-19.el9_4
  • H
Cross-site Scripting (XSS)

<0:9.2.10-19.el9_4
  • H
Use of Uninitialized Variable

<0:9.2.10-19.el9_4
  • H
Cross-site Scripting (XSS)

<0:9.2.10-19.el9_4
  • H
Resource Exhaustion

<0:9.2.10-21.el9_4
  • H
Arbitrary Argument Injection

<0:9.2.10-21.el9_4
  • M
Information Exposure Through Log Files

<0:10.2.6-4.el9
  • M
Improper Input Validation

<0:10.2.6-4.el9
  • M
Misinterpretation of Input

<0:10.2.6-4.el9
  • M
Improper Input Validation

<0:10.2.6-4.el9
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:10.2.6-4.el9
  • H
Use of Uninitialized Variable

<0:9.2.10-19.el9_4
  • M
Server-Side Request Forgery (SSRF)

*
  • M
Arbitrary Code Injection

*
  • M
Resource Exhaustion

<0:9.2.10-7.el9_3
  • M
Allocation of Resources Without Limits or Throttling

<0:9.2.10-7.el9_3
  • M
External Control of Assumed-Immutable Web Parameter

<0:9.2.10-7.el9_3
  • M
Information Exposure

<0:9.2.10-7.el9_3
  • M
Incorrect Implementation of Authentication Algorithm

<0:9.2.10-7.el9_3
  • M
CVE-2022-39201

<0:9.2.10-7.el9_3
  • M
Insufficiently Protected Credentials

<0:9.2.10-7.el9_3
  • M
Improper Verification of Cryptographic Signature

<0:9.2.10-7.el9_3
  • M
Cross-site Scripting (XSS)

<0:9.2.10-7.el9_3
  • M
Resource Exhaustion

<0:9.2.10-7.el9_3
  • M
Allocation of Resources Without Limits or Throttling

<0:9.2.10-7.el9_3
  • M
External Control of Assumed-Immutable Web Parameter

<0:9.2.10-7.el9_3
  • M
Information Exposure

<0:9.2.10-7.el9_3
  • M
Incorrect Implementation of Authentication Algorithm

<0:9.2.10-7.el9_3
  • M
CVE-2022-39201

<0:9.2.10-7.el9_3
  • M
Insufficiently Protected Credentials

<0:9.2.10-7.el9_3
  • M
Improper Verification of Cryptographic Signature

<0:9.2.10-7.el9_3
  • M
Cross-site Scripting (XSS)

<0:9.2.10-7.el9_3
  • M
CVE-2022-41715

<0:9.0.9-2.el9
  • M
Improper Authentication

<0:9.0.9-2.el9
  • M
Authentication Bypass

<0:9.0.9-2.el9
  • M
HTTP Request Smuggling

<0:9.0.9-2.el9
  • M
Resource Exhaustion

<0:9.0.9-2.el9
  • M
CVE-2022-41715

<0:9.0.9-2.el9
  • M
Improper Authentication

<0:9.0.9-2.el9
  • M
Authentication Bypass

<0:9.0.9-2.el9
  • M
HTTP Request Smuggling

<0:9.0.9-2.el9
  • M
Resource Exhaustion

<0:9.0.9-2.el9
  • M
Resource Exhaustion

<0:9.2.10-7.el9_3
  • M
Allocation of Resources Without Limits or Throttling

<0:9.2.10-7.el9_3
  • M
External Control of Assumed-Immutable Web Parameter

<0:9.2.10-7.el9_3
  • M
Information Exposure

<0:9.2.10-7.el9_3
  • M
Incorrect Implementation of Authentication Algorithm

<0:9.2.10-7.el9_3
  • M
CVE-2022-39201

<0:9.2.10-7.el9_3
  • M
Insufficiently Protected Credentials

<0:9.2.10-7.el9_3
  • M
Improper Verification of Cryptographic Signature

<0:9.2.10-7.el9_3
  • M
Cross-site Scripting (XSS)

<0:9.2.10-7.el9_3
  • M
CVE-2022-41715

<0:9.0.9-2.el9
  • M
Improper Authentication

<0:9.0.9-2.el9
  • M
Authentication Bypass

<0:9.0.9-2.el9
  • M
HTTP Request Smuggling

<0:9.0.9-2.el9
  • M
Resource Exhaustion

<0:9.0.9-2.el9
  • H
Uncontrolled Recursion

<0:9.2.10-17.el9_4
  • H
Cross-site Scripting (XSS)

<0:10.2.6-7.el9_5
  • H
Uncontrolled Recursion

<0:9.2.10-17.el9_4
  • H
Uncontrolled Recursion

<0:10.2.6-7.el9_5
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Incorrect Authorization

<0:7.5.15-3.el9
  • H
Cross-site Request Forgery (CSRF)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Missing Release of Resource after Effective Lifetime

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
HTTP Request Smuggling

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Incorrect Authorization

<0:7.5.15-3.el9
  • H
Cross-site Request Forgery (CSRF)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Missing Release of Resource after Effective Lifetime

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
HTTP Request Smuggling

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Incorrect Authorization

<0:7.5.15-3.el9
  • H
Cross-site Request Forgery (CSRF)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Missing Release of Resource after Effective Lifetime

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
HTTP Request Smuggling

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Authorization Bypass Through User-Controlled Key

<0:9.2.10-16.el9_4
  • M
Memory Leak

<0:9.2.10-16.el9_4
  • M
Memory Leak

<0:9.2.10-16.el9_4
  • M
Authorization Bypass Through User-Controlled Key

<0:9.2.10-16.el9_4
  • M
Authorization Bypass Through User-Controlled Key

<0:9.2.10-16.el9_4
  • M
Memory Leak

<0:9.2.10-16.el9_4
  • M
Cross-site Scripting (XSS)

*
  • M
Information Exposure

*
  • L
Information Exposure

*
  • L
Improper Verification of Cryptographic Signature

*
  • M
Information Exposure

*
  • H
Resource Exhaustion

<0:9.2.10-21.el9_4
  • H
Arbitrary Argument Injection

<0:9.2.10-21.el9_4
  • H
Resource Exhaustion

*
  • H
Arbitrary Argument Injection

*
  • M
CRLF Injection

*
  • L
Improper Handling of Exceptional Conditions

*
  • L
Authorization Bypass Through User-Controlled Key

*
  • H
Use of Uninitialized Variable

<0:9.2.10-19.el9_4
  • H
Cross-site Scripting (XSS)

<0:9.2.10-19.el9_4
  • H
Cross-site Scripting (XSS)

<0:10.2.6-7.el9_5
  • M
Use of Uninitialized Variable

*
  • H
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Use of Uninitialized Variable

<0:9.2.10-19.el9_4
  • M
Insufficient Compartmentalization

*
  • H
Uncontrolled Recursion

<0:9.0.9-5.el9_2
  • H
Uncontrolled Recursion

<0:9.0.9-5.el9_2
  • H
Uncontrolled Recursion

<0:9.0.9-5.el9_2
  • H
Uncontrolled Recursion

<0:7.5.11-7.el9_0
  • H
Uncontrolled Recursion

<0:9.2.10-17.el9_4
  • M
Insufficiently Protected Credentials

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Improperly Controlled Sequential Memory Allocation

*
  • H
Uncontrolled Recursion

<0:10.2.6-7.el9_5
  • M
Uncontrolled Recursion

*
  • M
Authorization Bypass Through User-Controlled Key

<0:9.2.10-16.el9_4
  • M
Memory Leak

<0:9.2.10-16.el9_4
  • M
Resource Exhaustion

<0:9.2.10-7.el9_3
  • M
Allocation of Resources Without Limits or Throttling

<0:9.2.10-7.el9_3
  • M
External Control of Assumed-Immutable Web Parameter

<0:9.2.10-7.el9_3
  • M
Information Exposure

<0:9.2.10-7.el9_3
  • M
Incorrect Implementation of Authentication Algorithm

<0:9.2.10-7.el9_3
  • M
CVE-2022-39201

<0:9.2.10-7.el9_3
  • M
Insufficiently Protected Credentials

<0:9.2.10-7.el9_3
  • M
Improper Verification of Cryptographic Signature

<0:9.2.10-7.el9_3
  • M
Cross-site Scripting (XSS)

<0:9.2.10-7.el9_3
  • C
Authentication Bypass by Primary Weakness

<0:9.0.9-3.el9_2
  • M
CVE-2022-41715

<0:9.0.9-2.el9
  • M
Improper Authentication

<0:9.0.9-2.el9
  • M
Authentication Bypass

<0:9.0.9-2.el9
  • M
HTTP Request Smuggling

<0:9.0.9-2.el9
  • M
Resource Exhaustion

<0:9.0.9-2.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Incorrect Authorization

<0:7.5.15-3.el9
  • H
Cross-site Request Forgery (CSRF)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Missing Release of Resource after Effective Lifetime

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
HTTP Request Smuggling

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Improper Input Validation

<0:10.2.6-4.el9
  • M
Information Exposure Through Log Files

<0:10.2.6-4.el9
  • M
Improper Input Validation

<0:10.2.6-4.el9
  • M
Misinterpretation of Input

<0:10.2.6-4.el9
  • M
Authentication Bypass

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<0:10.2.6-4.el9
  • H
Resource Exhaustion

*
  • H
Resource Exhaustion

*
  • H
Resource Exhaustion

*
  • H
Resource Exhaustion

*
  • M
Authorization Bypass Through User-Controlled Key

<0:9.2.10-16.el9_4
  • M
Memory Leak

<0:9.2.10-16.el9_4
  • M
Arbitrary Code Injection

*
  • M
Improper Input Validation

*
  • M
Misinterpretation of Input

*
  • M
Improper Input Validation

*
  • M
Information Exposure

*
  • C
Directory Traversal

*
  • M
Information Exposure

*
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:7.5.11-6.el9_0
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:7.5.11-6.el9_0
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:9.0.9-4.el9_2
  • M
Resource Exhaustion

<0:7.5.11-6.el9_0
  • M
Resource Exhaustion

<0:7.5.11-6.el9_0
  • M
Buffer Access with Incorrect Length Value

*
  • M
Cross-site Scripting (XSS)

*
  • M
Allocation of Resources Without Limits or Throttling

*
  • M
Cross-site Scripting (XSS)

*
  • M
Resource Exhaustion

*
  • M
Resource Exhaustion

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • C
Authentication Bypass by Primary Weakness

<0:9.0.9-3.el9_2
  • C
Authentication Bypass by Primary Weakness

<0:9.0.9-3.el9_2
  • C
Authentication Bypass by Primary Weakness

<0:9.0.9-3.el9_2
  • C
Authentication Bypass by Primary Weakness

<0:9.0.9-3.el9_2
  • H
Inefficient Regular Expression Complexity

*
  • M
Missing Synchronization

*
  • M
Improper Access Control

*
  • M
Resource Exhaustion

*
  • M
Information Exposure

*
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

*
  • M
Arbitrary Code Injection

*
  • M
Resource Exhaustion

<0:9.2.10-7.el9_3
  • M
Inefficient Regular Expression Complexity

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Inefficient Regular Expression Complexity

*
  • M
Cross-site Scripting (XSS)

*
  • M
Resource Exhaustion

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

*
  • M
Cross-site Scripting (XSS)

<0:9.2.10-7.el9_3
  • M
External Control of Assumed-Immutable Web Parameter

<0:9.2.10-7.el9_3
  • M
Allocation of Resources Without Limits or Throttling

<0:9.2.10-7.el9_3
  • M
Authentication Bypass by Primary Weakness

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Incorrect Implementation of Authentication Algorithm

<0:9.2.10-7.el9_3
  • M
Information Exposure

<0:9.2.10-7.el9_3
  • M
Inefficient Regular Expression Complexity

*
  • M
Improper Authentication

<0:9.0.9-2.el9
  • M
Improper Authentication

<0:9.0.9-2.el9
  • M
Improper Authentication

<0:9.0.9-2.el9
  • M
Improper Authentication

<0:9.0.9-2.el9
  • M
CVE-2022-39201

<0:9.2.10-7.el9_3
  • M
Insufficiently Protected Credentials

<0:9.2.10-7.el9_3
  • M
Improper Verification of Cryptographic Signature

<0:9.2.10-7.el9_3
  • M
CVE-2022-41715

<0:9.0.9-2.el9
  • M
CVE-2022-41715

<0:9.0.9-2.el9
  • M
CVE-2022-41715

<0:9.0.9-2.el9
  • M
CVE-2022-41715

<0:9.0.9-2.el9
  • M
HTTP Request Smuggling

<0:9.0.9-2.el9
  • M
HTTP Request Smuggling

<0:9.0.9-2.el9
  • M
HTTP Request Smuggling

<0:9.0.9-2.el9
  • M
HTTP Request Smuggling

<0:9.0.9-2.el9
  • M
Authentication Bypass

<0:9.0.9-2.el9
  • M
Authentication Bypass

<0:9.0.9-2.el9
  • M
Authentication Bypass

<0:9.0.9-2.el9
  • M
Authentication Bypass

<0:9.0.9-2.el9
  • M
Inefficient Regular Expression Complexity

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • M
Resource Exhaustion

<0:9.0.9-2.el9
  • M
Resource Exhaustion

<0:9.0.9-2.el9
  • M
Resource Exhaustion

<0:9.0.9-2.el9
  • M
Resource Exhaustion

<0:9.0.9-2.el9
  • L
Resource Exhaustion

*
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • H
Improper Authentication

<0:7.5.11-5.el9_0
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
Improperly Controlled Sequential Memory Allocation

<0:7.5.15-3.el9
  • H
HTTP Request Smuggling

<0:7.5.15-3.el9
  • H
HTTP Request Smuggling

<0:7.5.15-3.el9
  • H
HTTP Request Smuggling

<0:7.5.15-3.el9
  • H
HTTP Request Smuggling

<0:7.5.15-3.el9
  • L
Directory Traversal

*
  • M
Open Redirect

*
  • L
Insufficient Entropy

*
  • M
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

*
  • H
Missing Release of Resource after Effective Lifetime

<0:7.5.15-3.el9
  • H
Missing Release of Resource after Effective Lifetime

<0:7.5.15-3.el9
  • H
Missing Release of Resource after Effective Lifetime

<0:7.5.15-3.el9
  • H
Missing Release of Resource after Effective Lifetime

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Incorrect Authorization

<0:7.5.15-3.el9
  • H
Incorrect Authorization

<0:7.5.15-3.el9
  • H
Incorrect Authorization

<0:7.5.15-3.el9
  • H
Incorrect Authorization

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Cross-site Scripting (XSS)

<0:7.5.15-3.el9
  • H
Cross-site Request Forgery (CSRF)

<0:7.5.15-3.el9
  • H
Cross-site Request Forgery (CSRF)

<0:7.5.15-3.el9
  • H
Cross-site Request Forgery (CSRF)

<0:7.5.15-3.el9
  • H
Cross-site Request Forgery (CSRF)

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9
  • H
Information Exposure

<0:7.5.15-3.el9