Vulnerabilidades em prometheus
8 resultadosCVE-2021-29622MEDIUMArbitrary redirects under /new endpointEPSS 19.6%CVE-2022-21698HIGHUncontrolled Resource Consumption in promhttpEPSS 6.0%CVE-2022-46146MEDIUMPrometheus Exporter Toolkit vulnerable to basic authentication bypassEPSS 1.2%CVE-2023-40577HIGHAlertmanager UI is vulnerable to stored XSS via the /api/v1/alerts endpointEPSS 0.6%CVE-2026-42154HIGHPrometheus: remote read endpoint allows denial of service via crafted snappy payloadEPSS 0.6%CVE-2026-42151HIGHPrometheus Azure AD remote write OAuth client secret exposed via config APIEPSS 0.2%CVE-2026-40179MEDIUMPrometheus: Stored XSS via metric names and label values in web UI tooltips and metrics explorerEPSS 0.2%CVE-2026-44903MEDIUMPrometheus: Stored XSS via crafted histogram bucket label values in the heatmap display of the old Prometheus web UIEPSS 0.2%