commercial-grafana-enterprisepackaged by Chainguard
packaged by Chainguard
Last changed
Request a free trial
Contact our team to test out this image for free. Please also indicate any other images you would like to evaluate.
Tag:
Severity:All
Expand | CVE ID | Severity | Package | Version | Last detected |
|---|---|---|---|---|---|
CVE-2026-39821 | Critical | golang.org/x/net | v0.49.0 | ||
CVE-2026-39834 | Critical | golang.org/x/crypto | v0.47.0 | ||
CVE-2026-46595 | Critical | golang.org/x/crypto | v0.47.0 | ||
CVE-2026-39832 | Critical | golang.org/x/crypto | v0.47.0 | ||
CVE-2026-42508 | Critical | golang.org/x/crypto | v0.47.0 | ||
CVE-2026-33816 | Critical | github.com/jackc/pgx/v5 | v5.8.0 | ||
CVE-2026-39833 | Critical | golang.org/x/crypto | v0.47.0 | ||
CVE-2026-33815 | Critical | github.com/jackc/pgx/v5 | v5.8.0 | ||
CVE-2026-39830 | Critical | golang.org/x/crypto | v0.47.0 | ||
CVE-2026-39831 | Critical | golang.org/x/crypto | v0.47.0 | ||
CVE-2026-34040 | High | github.com/moby/moby | v28.0.1+incompatible | ||
CVE-2026-29181 | High | go.opentelemetry.io/otel | v1.39.0 | ||
CVE-2026-24051 | High | go.opentelemetry.io/otel/sdk | v1.39.0 | ||
CVE-2026-42504 | High | stdlib | go1.25.9 | ||
CVE-2026-42504 | High | stdlib | go1.25.9 | ||
CVE-2026-35469 | High | github.com/moby/spdystream | v0.5.0 | ||
CVE-2026-46597 | High | golang.org/x/crypto | v0.47.0 | ||
CVE-2026-39829 | High | golang.org/x/crypto | v0.47.0 | ||
CVE-2026-41602 | High | github.com/apache/thrift | v0.22.0 | ||
CVE-2026-42151 | High | github.com/prometheus/prometheus | v0.303.1 | ||
CVE-2026-41567 | High | github.com/moby/moby | v28.0.1+incompatible | ||
CVE-2026-21728 | High | github.com/grafana/tempo | v1.5.1-0.20250529124718-87c2dc380cec | ||
CVE-2026-39883 | High | go.opentelemetry.io/otel/sdk | v1.39.0 | ||
CVE-2026-28377 | High | github.com/grafana/tempo | v1.5.1-0.20250529124718-87c2dc380cec | ||
CVE-2026-42504 | High | stdlib | go1.25.9 | ||
CVE-2026-42306 | High | github.com/moby/moby | v28.0.1+incompatible | ||
CVE-2026-34986 | High | github.com/go-jose/go-jose/v4 | v4.1.3 | ||
CVE-2026-42154 | High | github.com/prometheus/prometheus | v0.303.1 | ||
CVE-2026-44903 | Medium | github.com/prometheus/prometheus | v0.303.1 | ||
CVE-2020-8911 | Medium | github.com/aws/aws-sdk-go | v1.55.7 | ||
CVE-2026-34972 | Medium | github.com/openfga/openfga | v1.11.3 | ||
CVE-2026-33729 | Medium | github.com/openfga/openfga | v1.11.3 | ||
CVE-2026-25680 | Medium | golang.org/x/net | v0.49.0 | ||
CVE-2026-42507 | Medium | stdlib | go1.25.9 | ||
CVE-2026-33997 | Medium | github.com/moby/moby | v28.0.1+incompatible | ||
CVE-2026-21726 | Medium | github.com/grafana/loki/v3 | v3.2.1 | ||
CVE-2026-27145 | Medium | stdlib | go1.25.9 | ||
CVE-2026-39882 | Medium | go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp | v0.12.2 | ||
CVE-2026-39828 | Medium | golang.org/x/crypto | v0.47.0 | ||
CVE-2026-32952 | Medium | github.com/Azure/go-ntlmssp | v0.0.0-20220621081337-cb9428e4ac1e | ||
CVE-2026-40293 | Medium | github.com/openfga/openfga | v1.11.3 | ||
CVE-2026-39827 | Medium | golang.org/x/crypto | v0.47.0 | ||
CVE-2026-27145 | Medium | stdlib | go1.25.9 | ||
CVE-2026-46598 | Medium | golang.org/x/crypto | v0.47.0 | ||
CVE-2026-42502 | Medium | golang.org/x/net | v0.49.0 | ||
CVE-2026-39882 | Medium | go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp | v1.39.0 | ||
CVE-2026-41568 | Medium | github.com/moby/moby | v28.0.1+incompatible | ||
GHSA-xmrv-pmrh-hhx2 | Medium | github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream | v1.6.11 | ||
CVE-2026-39835 | Medium | golang.org/x/crypto | v0.47.0 | ||
CVE-2026-41131 | Medium | github.com/openfga/openfga | v1.11.3 | ||
GHSA-xmrv-pmrh-hhx2 | Medium | github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs | v1.51.0 | ||
CVE-2026-42507 | Medium | stdlib | go1.25.9 | ||
CVE-2026-48096 | Medium | github.com/openfga/openfga | v1.11.3 | ||
CVE-2026-27136 | Medium | golang.org/x/net | v0.49.0 | ||
CVE-2026-25681 | Medium | golang.org/x/net | v0.49.0 | ||
GHSA-xmrv-pmrh-hhx2 | Medium | github.com/aws/aws-sdk-go-v2/service/s3 | v1.84.0 | ||
CVE-2026-27145 | Medium | stdlib | go1.25.9 | ||
CVE-2026-42506 | Medium | golang.org/x/net | v0.49.0 | ||
CVE-2026-39882 | Medium | go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp | v1.39.0 | ||
CVE-2026-42507 | Medium | stdlib | go1.25.9 | ||
CVE-2026-40179 | Medium | github.com/prometheus/prometheus | v0.303.1 | ||
CVE-2020-8912 | Low | github.com/aws/aws-sdk-go | v1.55.7 | ||
CVE-2026-41889 | Low | github.com/jackc/pgx/v5 | v5.8.0 |
Last updated:
The trusted source for open source
Talk to an expertProduct
Customers
© 2026 Chainguard, Inc. All Rights Reserved.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.
Chainguard® and the Chainguard logo are registered trademarks of Chainguard, Inc. in the United States and/or other countries.
The other respective trademarks mentioned on this page are owned by the respective companies and use of them does not imply any affiliation or endorsement.