VYPR

Bitnami package

grafana-image-renderer

pkg:bitnami/grafana-image-renderer

Vulnerabilities (2)

  • CVE-2025-11539CriOct 9, 2025
    affected >= 1.0.0, < 4.0.17fixed 4.0.17

    Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary location

  • CVE-2022-31176Sep 2, 2022
    affected < 3.6.1fixed 3.6.1

    Grafana Image Renderer is a Grafana backend plugin that handles rendering of panels & dashboards to PNGs using a headless browser (Chromium/Chrome). An internal security review identified an unauthorized file disclosure vulnerability. It is possible for a malicious user to retrie