VYPR

apk package

chainguard/grafana-image-renderer

pkg:apk/chainguard/grafana-image-renderer

Vulnerabilities (24)

  • CVE-2025-47944HigMay 19, 2025
    affected < 3.12.6-r0fixed 3.12.6-r0

    Multer is a node.js middleware for handling `multipart/form-data`. A vulnerability that is present starting in version 1.4.4-lts.1 and prior to version 2.0.0 allows an attacker to trigger a Denial of Service (DoS) by sending a malformed multi-part upload request. This request cau

  • CVE-2025-47935HigMay 19, 2025
    affected < 3.12.6-r0fixed 3.12.6-r0

    Multer is a node.js middleware for handling `multipart/form-data`. Versions prior to 2.0.0 are vulnerable to a resource exhaustion and memory leak issue due to improper stream handling. When the HTTP request stream emits an error, the internal `busboy` stream is not closed, viola

  • CVE-2025-26791Feb 14, 2025
    affected < 3.12.1-r1fixed 3.12.1-r1

    DOMPurify before 3.2.4 has an incorrect template literal regular expression, sometimes leading to mutation cross-site scripting (mXSS).

  • CVE-2024-52798HigDec 5, 2024
    affected < 3.11.6-r2fixed 3.11.6-r2

    path-to-regexp turns path strings into a regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path

Page 2 of 2