@grafana/ui@9.1.0-73368pre vulnerabilities
Grafana Components Library
-
latest version
10.2.2
-
latest non vulnerable version
-
first published
5 years ago
-
latest version published
13 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the @grafana/ui package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
@grafana/ui is a Grafana Components Library Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the core plugin GeoMap, due to SVG-files improper sanitization. Exploiting this vulnerability allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. How to fix Cross-site Scripting (XSS)? Upgrade |
>=8.1.0 <8.5.16
>=9.0.0 <9.3.6
|