grafana vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the grafana package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H Resource Exhaustion	*
H Resource Exhaustion	*
H Resource Exhaustion	*
H Resource Exhaustion	*
M Incorrect Resource Transfer Between Spheres	*
M Authorization Bypass Through User-Controlled Key	<0:9.2.10-16.el9_4
M Memory Leak	<0:9.2.10-16.el9_4
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Arbitrary Code Injection	*
M Improper Input Validation	*
M Misinterpretation of Input	*
M Improper Input Validation	*
M Information Exposure	*
C Directory Traversal	*
H Resource Exhaustion	*
M Information Exposure	*
M Allocation of Resources Without Limits or Throttling	*
M Resource Exhaustion	<0:7.5.11-6.el9_0
M Resource Exhaustion	<0:9.0.9-4.el9_2
M Resource Exhaustion	<0:7.5.11-6.el9_0
M Resource Exhaustion	<0:9.0.9-4.el9_2
M Resource Exhaustion	<0:9.0.9-4.el9_2
M Resource Exhaustion	<0:9.0.9-4.el9_2
M Resource Exhaustion	<0:9.0.9-4.el9_2
M Resource Exhaustion	<0:9.0.9-4.el9_2
M Resource Exhaustion	<0:9.0.9-4.el9_2
M Resource Exhaustion	<0:7.5.11-6.el9_0
M Resource Exhaustion	<0:7.5.11-6.el9_0
M Resource Exhaustion	<0:9.0.9-4.el9_2
M CVE-2023-39321	*
M Cross-site Scripting (XSS)	*
M Allocation of Resources Without Limits or Throttling	*
M Cross-site Scripting (XSS)	*
M Resource Exhaustion	*
M Resource Exhaustion	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
C Authentication Bypass by Primary Weakness	<0:9.0.9-3.el9_2
C Authentication Bypass by Primary Weakness	<0:9.0.9-3.el9_2
C Authentication Bypass by Primary Weakness	<0:9.0.9-3.el9_2
C Authentication Bypass by Primary Weakness	<0:9.0.9-3.el9_2
H Inefficient Regular Expression Complexity	*
M Missing Synchronization	*
M Improper Access Control	*
M Resource Exhaustion	*
M Information Exposure	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Arbitrary Code Injection	*
M Resource Exhaustion	<0:9.2.10-7.el9_3
M Inefficient Regular Expression Complexity	*
M Inefficient Regular Expression Complexity	*
M Inefficient Regular Expression Complexity	*
M Cross-site Scripting (XSS)	*
M Resource Exhaustion	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
M Cross-site Scripting (XSS)	*
H Improper Input Validation	*
M Cross-site Scripting (XSS)	<0:9.2.10-7.el9_3
M External Control of Assumed-Immutable Web Parameter	<0:9.2.10-7.el9_3
M Allocation of Resources Without Limits or Throttling	<0:9.2.10-7.el9_3
M Authentication Bypass by Primary Weakness	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Incorrect Implementation of Authentication Algorithm	<0:9.2.10-7.el9_3
M Information Exposure	<0:9.2.10-7.el9_3
M Inefficient Regular Expression Complexity	*
M Improper Authentication	<0:9.0.9-2.el9
M Improper Authentication	<0:9.0.9-2.el9
M Improper Authentication	<0:9.0.9-2.el9
M Improper Authentication	<0:9.0.9-2.el9
M CVE-2022-39201	<0:9.2.10-7.el9_3
M Insufficiently Protected Credentials	<0:9.2.10-7.el9_3
M Improper Verification of Cryptographic Signature	<0:9.2.10-7.el9_3
M CVE-2022-41715	<0:9.0.9-2.el9
M CVE-2022-41715	<0:9.0.9-2.el9
M CVE-2022-41715	<0:9.0.9-2.el9
M CVE-2022-41715	<0:9.0.9-2.el9
M HTTP Request Smuggling	<0:9.0.9-2.el9
M HTTP Request Smuggling	<0:9.0.9-2.el9
M HTTP Request Smuggling	<0:9.0.9-2.el9
M HTTP Request Smuggling	<0:9.0.9-2.el9
M Authentication Bypass	<0:9.0.9-2.el9
M Authentication Bypass	<0:9.0.9-2.el9
M Authentication Bypass	<0:9.0.9-2.el9
M Authentication Bypass	<0:9.0.9-2.el9
M Inefficient Regular Expression Complexity	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
M Resource Exhaustion	<0:9.0.9-2.el9
M Resource Exhaustion	<0:9.0.9-2.el9
M Resource Exhaustion	<0:9.0.9-2.el9
M Resource Exhaustion	<0:9.0.9-2.el9
L Resource Exhaustion	*
H Information Exposure	<0:7.5.15-3.el9
H Information Exposure	<0:7.5.15-3.el9
H Information Exposure	<0:7.5.15-3.el9
H Information Exposure	<0:7.5.15-3.el9
H Improper Authentication	<0:7.5.11-5.el9_0
H Improper Authentication	<0:7.5.11-5.el9_0
H Improper Authentication	<0:7.5.11-5.el9_0
H Improper Authentication	<0:7.5.11-5.el9_0
H Improper Authentication	<0:7.5.11-5.el9_0
H Improper Authentication	<0:7.5.11-5.el9_0
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H Improperly Controlled Sequential Memory Allocation	<0:7.5.15-3.el9
H HTTP Request Smuggling	<0:7.5.15-3.el9
H HTTP Request Smuggling	<0:7.5.15-3.el9
H HTTP Request Smuggling	<0:7.5.15-3.el9
H HTTP Request Smuggling	<0:7.5.15-3.el9
L Directory Traversal	*
M Open Redirect	*
L Insufficient Entropy	*
M Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	*
H Missing Release of Resource after Effective Lifetime	<0:7.5.15-3.el9
H Missing Release of Resource after Effective Lifetime	<0:7.5.15-3.el9
H Missing Release of Resource after Effective Lifetime	<0:7.5.15-3.el9
H Missing Release of Resource after Effective Lifetime	<0:7.5.15-3.el9
H Cross-site Scripting (XSS)	<0:7.5.15-3.el9
H Cross-site Scripting (XSS)	<0:7.5.15-3.el9
H Cross-site Scripting (XSS)	<0:7.5.15-3.el9
H Cross-site Scripting (XSS)	<0:7.5.15-3.el9
H Incorrect Authorization	<0:7.5.15-3.el9
H Incorrect Authorization	<0:7.5.15-3.el9
H Incorrect Authorization	<0:7.5.15-3.el9
H Incorrect Authorization	<0:7.5.15-3.el9
H Cross-site Scripting (XSS)	<0:7.5.15-3.el9
H Cross-site Scripting (XSS)	<0:7.5.15-3.el9
H Cross-site Scripting (XSS)	<0:7.5.15-3.el9
H Cross-site Scripting (XSS)	<0:7.5.15-3.el9
H Cross-site Request Forgery (CSRF)	<0:7.5.15-3.el9
H Cross-site Request Forgery (CSRF)	<0:7.5.15-3.el9
H Cross-site Request Forgery (CSRF)	<0:7.5.15-3.el9
H Cross-site Request Forgery (CSRF)	<0:7.5.15-3.el9
H Information Exposure	<0:7.5.15-3.el9
H Information Exposure	<0:7.5.15-3.el9
H Information Exposure	<0:7.5.15-3.el9
H Information Exposure	<0:7.5.15-3.el9