VYPR

Grafana Image Renderer

by Grafana

Source repositories

CVEs (2)

  • CVE-2025-11539CriOct 9, 2025
    risk 0.57cvss 9.9epss 0.01

    Grafana Image Renderer is vulnerable to remote code execution due to an arbitrary file write vulnerability. This is due to the fact that the /render/csv endpoint lacked validation of the filePath parameter that allowed an attacker to save a shared object to an arbitrary…

  • CVE-2022-31176Sep 2, 2022
    risk 0.00cvss epss 0.01

    Grafana Image Renderer is a Grafana backend plugin that handles rendering of panels & dashboards to PNGs using a headless browser (Chromium/Chrome). An internal security review identified an unauthorized file disclosure vulnerability. It is possible for a malicious user to…