Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322.
Affected range
>=1.26.0-0 <1.26.3
Fixed version
1.26.3
EPSS Score
0.007%
EPSS Percentile
1st percentile
Description
The Dial and LookupPort functions panic on Windows when provided with an input containing a NUL (0).
Affected range
>=1.26.0-0 <1.26.3
Fixed version
1.26.3
EPSS Score
0.018%
EPSS Percentile
5th percentile
Description
Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations.
Affected range
>=1.26.0-0 <1.26.3
Fixed version
1.26.3
EPSS Score
0.008%
EPSS Percentile
1st percentile
Description
When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGS_MAX_FRAME_SIZE with a value of 0.
Affected range
>=1.26.0-0 <1.26.3
Fixed version
1.26.3
EPSS Score
0.007%
EPSS Percentile
1st percentile
Description
When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash.
Affected range
>=1.26.0-0 <1.26.3
Fixed version
1.26.3
EPSS Score
0.012%
EPSS Percentile
2nd percentile
Description
If a trusted template author were to write a <script> tag containing an empty 'type' attribute or a 'type' attribute with an ASCII whitespace, the execution of the template would incorrectly escape any data passed into the <script> block.
Affected range
>=1.26.0-0 <1.26.3
Fixed version
1.26.3
EPSS Score
0.011%
EPSS Percentile
1st percentile
Description
CVE-2026-27142 fixed a vulnerability in which URLs were not correctly escaped inside of a tag's attribute. If the URL content were to insert ASCII whitespaces around the '=' rune inside of the attribute, the escaper would fail to similarly escape it, leading to XSS.
Affected range
>=1.26.0-0 <1.26.3
Fixed version
1.26.3
EPSS Score
0.007%
EPSS Percentile
1st percentile
Description
ReverseProxy can forward queries containing parameters not visible to Rewrite functions.
When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery. ReverseProxy does not take ParseQuery's limit on the total number of query parameters (controlled by GODEBUG=urlmaxqueryparams=N) into account. This can permit ReverseProxy to forward a request containing a query parameter that is not visible to the Rewrite function.
For example, the query "a1=x&a2=x&...&a10000=x&hidden=y" can forward the parameter "hidden=y" while hiding it from the proxy's Rewrite function.
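To make the mismatch concrete, here is an added Go example (not Go's net/http/httputil code, and not part of this advisory) that counts the raw pairs a query carries, simulates a parser capped at a constructed `visibleLimit`, and shows a gate a proxy could apply before forwarding: if the raw query has more pairs than the rewrite logic will parse, refuse the request rather than forward parameters nobody inspected. `visibleLimit`, `visibleParams`, `checkForwardable` and `buildQuery` are this example's own names; the limit value stands in for whatever `GODEBUG=urlmaxqueryparams=N` would impose.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// visibleLimit stands in for the cap a GODEBUG=urlmaxqueryparams=N setting puts on
// url.ParseQuery; the value is constructed for this example, not Go's default.
const visibleLimit = 100

// countRawPairs counts the key=value pairs in a raw query string without parsing
// them, which is what the upstream server receives regardless of any parser cap.
func countRawPairs(rawQuery string) int {
	n := 0
	for _, pair := range strings.Split(rawQuery, "&") {
		if pair != "" {
			n++
		}
	}
	return n
}

// visibleParams simulates a capped parser: it decodes at most limit pairs and
// silently ignores the rest, so a Rewrite function consulting this map never
// sees parameters past the cap.
func visibleParams(rawQuery string, limit int) url.Values {
	vals := url.Values{}
	seen := 0
	for _, pair := range strings.Split(rawQuery, "&") {
		if pair == "" {
			continue
		}
		if seen >= limit {
			break
		}
		seen++
		k, v, _ := strings.Cut(pair, "=")
		k, _ = url.QueryUnescape(k)
		v, _ = url.QueryUnescape(v)
		vals.Add(k, v)
	}
	return vals
}

// checkForwardable is the gate a proxy can apply before forwarding: if the raw
// query carries more pairs than the rewrite logic will parse, refuse the request
// instead of passing along parameters that were never inspected.
func checkForwardable(rawQuery string, limit int) error {
	if n := countRawPairs(rawQuery); n > limit {
		return fmt.Errorf("query has %d parameters but only %d are inspected", n, limit)
	}
	return nil
}

// buildQuery reproduces the advisory's shape: n visible parameters followed by
// one extra "hidden=y" that a capped parser drops. Constructed input.
func buildQuery(n int) string {
	var b strings.Builder
	for i := 1; i <= n; i++ {
		fmt.Fprintf(&b, "a%d=x&", i)
	}
	b.WriteString("hidden=y")
	return b.String()
}

func main() {
	q := buildQuery(visibleLimit)
	fmt.Println("raw pairs:", countRawPairs(q))
	fmt.Println("rewrite sees hidden:", visibleParams(q, visibleLimit).Has("hidden"))
	fmt.Println("forwardable:", checkForwardable(q, visibleLimit))
}
```

The point of the gate is that it counts what the upstream will see, not what the parser returned; a rewrite that only consults the parsed map cannot tell the difference on its own.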
The remote read endpoint (/api/v1/read) does not validate the declared decoded length in a snappy-compressed request body before allocating memory.
An unauthenticated attacker can send a small payload that causes a huge heap allocation per request. Under concurrent load this can exhaust available memory and crash the Prometheus process.
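The check the advisory says was missing, as an added Go example that is not Prometheus's own code: a snappy block-format payload opens with a uvarint declaring the decoded size, and that prefix is what a decoder allocates. Reading the prefix with the standard library and comparing it against a ceiling before decompressing stops a few-byte body from forcing a multi-gigabyte allocation. `maxDecodedLen` is a constructed value, not a Prometheus setting, and `lengthPrefix` builds only the header of a payload for illustration.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// maxDecodedLen is the ceiling this example enforces before any allocation;
// 64 MiB is a constructed value, not a Prometheus setting.
const maxDecodedLen uint64 = 64 << 20

var (
	errCorruptHeader = errors.New("snappy: missing or malformed length prefix")
	errTooLarge      = errors.New("snappy: declared decoded length exceeds limit")
)

// declaredDecodedLen reads the uvarint that opens a snappy block-format payload.
// That prefix is the size a decoder will allocate and it is client-controlled,
// so it must be checked before it is trusted. Nothing is decompressed here.
func declaredDecodedLen(body []byte) (uint64, error) {
	n, k := binary.Uvarint(body)
	if k <= 0 {
		return 0, errCorruptHeader
	}
	return n, nil
}

// checkRemoteReadBody rejects a body whose declared output size exceeds limit,
// which is the check the advisory describes, before the body reaches the decoder.
func checkRemoteReadBody(body []byte, limit uint64) (uint64, error) {
	n, err := declaredDecodedLen(body)
	if err != nil {
		return 0, err
	}
	if n > limit {
		return n, fmt.Errorf("%w: %d > %d", errTooLarge, n, limit)
	}
	return n, nil
}

// lengthPrefix builds just the length prefix of a snappy block: a few bytes that
// can declare gigabytes of output. Constructed input, not a real request body.
func lengthPrefix(declared uint64) []byte {
	buf := make([]byte, binary.MaxVarintLen64)
	k := binary.PutUvarint(buf, declared)
	return buf[:k]
}

func main() {
	body := lengthPrefix(4 << 30) // 4 GiB declared in five bytes
	n, err := checkRemoteReadBody(body, maxDecodedLen)
	fmt.Printf("body of %d bytes declares %d bytes: %v\n", len(body), n, err)
}
```

In a server handler this check sits between reading the request body (itself bounded with a size limit) and calling the decoder; the ceiling should be sized to the largest legitimate remote read response the deployment expects.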
Patches
Has the problem been patched? What versions should users upgrade to?
Fixed in 3.11.3 and 3.5.3 LTS. Users should upgrade to these versions or later.
Workarounds
Users who cannot upgrade can place Prometheus behind a reverse proxy or firewall that requires authentication before requests reach /api/v1/read.
Exposure of Sensitive Information to an Unauthorized Actor
Affected range
>=0.45.2 <0.311.3
Fixed version
0.311.3
CVSS Score
7.5
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
0.010%
EPSS Percentile
1st percentile
Description
Impact
Users who use Azure AD remote write with OAuth authentication are impacted.
The client_secret field in the Azure AD remote write OAuth configuration (storage/remote/azuread) was typed as string instead of Secret. Prometheus redacts fields of type Secret when serving the configuration via the /-/config HTTP API endpoint. Because the field was a plain string, the Azure OAuth client secret was exposed in plaintext to any user or process with access to that endpoint.
Patches
The problem has been patched by changing ClientSecret in OAuthConfig to Secret. Users should upgrade to 3.11.3 or 3.5.3 LTS.
Workarounds
Users who cannot upgrade can switch to Managed Identity or Workload Identity authentication for Azure AD remote write, which do not involve a client secret.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Stored cross-site scripting (XSS) via crafted metric names in the Prometheus web UI:
Old React UI + New Mantine UI: When a user hovers over a chart tooltip on the Graph page, metric names containing HTML/JavaScript are injected into innerHTML without escaping, causing arbitrary script execution in the user's browser.
Old React UI only: When a user opens the Metric Explorer (globe icon next to the PromQL expression input field), and a metric name containing HTML/JavaScript is rendered in the fuzzy search results, it is injected into innerHTML without escaping, causing arbitrary script execution in the user's browser.
Old React UI only: When a user views a heatmap chart and hovers over a cell, the le label values of the underlying histogram buckets are interpolated into innerHTML without escaping. While le is conventionally a numeric bucket boundary, Prometheus does not enforce this — arbitrary UTF-8 strings are accepted as label values, allowing script injection via a crafted scrape target or remote write.
With Prometheus v3.x defaulting to UTF-8 metric and label name validation, characters like <, >, and " are now valid in metric names and labels, making this exploitable.
An attacker who can inject metrics (via a compromised scrape target, remote write, or OTLP receiver endpoint) can execute JavaScript in the browser of any Prometheus user who views the metric in the Graph UI. From the XSS context, an attacker could for example:
Read /api/v1/status/config to extract sensitive configuration (although credentials / secrets are redacted by the server)
Call /-/quit to shut down Prometheus (only if --web.enable-lifecycle is set)
Call /api/v1/admin/tsdb/delete_series to delete data (only if --web.enable-admin-api is set)
Exfiltrate metric data to an external server
Both the new Mantine UI and the old React UI are affected. The vulnerable code paths are:
web/ui/mantine-ui/src/pages/query/uPlotChartHelpers.ts — tooltip innerHTML with unescaped labels.__name__
web/ui/react-app/src/pages/graph/GraphHelpers.ts — tooltip content with unescaped labels.__name__
web/ui/react-app/src/pages/graph/MetricsExplorer.tsx — fuzzy search results rendered via dangerouslySetInnerHTML without sanitization
web/ui/react-app/src/vendor/flot/jquery.flot.heatmap.js — heatmap tooltip with unescaped label values
Patches
A patch has been published in Prometheus 3.5.2 LTS and Prometheus 3.11.2. The fix applies escapeHTML() to all user-controlled values (metric names and label values) before inserting them into innerHTML. This advisory will be updated with the patched version once released.
Workarounds
If using the remote write receiver (--web.enable-remote-write-receiver), ensure it is not exposed to untrusted sources.
If using the OTLP receiver (--web.enable-otlp-receiver), ensure it is not exposed to untrusted sources.
Ensure scrape targets are trusted and not under attacker control.
Do not enable admin / mutating API endpoints (e.g. --web.enable-admin-api or --web.enable-lifecycle) in cases where you cannot prevent untrusted data from being ingested.
Users should avoid clicking untrusted links, especially those containing functions such as label_replace, as they may generate poisoned label names and values.
Acknowledgements
Thanks to @gladiator9797 (Duc Anh Nguyen from TinyxLab) for reporting this.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Affected range
<0.311.3
Fixed version
0.311.3
Description
Impact
In the Prometheus server's legacy web UI (enabled via the command-line flag --enable-feature=old-ui), the histogram heatmap chart view does not escape le label values when inserting them into the HTML for use as axis tick mark labels.
An attacker who can inject crafted metrics (e.g. via a compromised scrape target, remote write, or OTLP receiver endpoint) can execute JavaScript in the browser of any Prometheus user who views the metric in the heatmap chart UI. From the XSS context, an attacker could for example:
Read /api/v1/status/config to extract sensitive configuration (although credentials / secrets are redacted by the server)
Call /-/quit to shut down Prometheus (only if --web.enable-lifecycle is set)
Call /api/v1/admin/tsdb/delete_series to delete data (only if --web.enable-admin-api is set)
Exfiltrate metric data to an external server
Note that this only affects users who have explicitly enabled the legacy Prometheus web UI using the --enable-feature=old-ui command-line flag.
If at all possible, disable the legacy web UI by removing the --enable-feature=old-ui command-line flag.
If this is not an option, take the following precautions:
If using the remote write receiver (--web.enable-remote-write-receiver), ensure it is not exposed to untrusted sources.
If using the OTLP receiver (--web.enable-otlp-receiver), ensure it is not exposed to untrusted sources.
Ensure scrape targets are trusted and not under attacker control.
Do not enable admin / mutating API endpoints (e.g. --web.enable-admin-api or --web.enable-lifecycle) in cases where you cannot prevent untrusted data from being ingested.
Users should avoid clicking untrusted links, especially those containing functions such as label_replace, as they may generate poisoned label names and values.
References
CVE-2019-10215 — prior stored DOM XSS vulnerability in Prometheus query history, fixed in v2.7.2
CVE-2026-40179 — prior stored DOM XSS vulnerability in Prometheus web UI (hover tooltips and metrics explorer), fixed in v3.11.2
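Both Prometheus XSS advisories above (tooltip metric names and heatmap le label values) come down to the same defect: user-controlled strings concatenated into markup that lands in innerHTML. The following is an added Go example, not the Prometheus UI code (which is TypeScript/JavaScript), showing the flawed pattern beside the hardened one; `html.EscapeString` from the Go standard library plays the role the advisory assigns to escapeHTML(). `labelSet`, `tooltipUnsafe`, `tooltipSafe` and the series values are constructed for this example.

```go
package main

import (
	"fmt"
	"html"
	"sort"
	"strings"
)

// labelSet is one series' labels as Prometheus exposes them; "__name__" is the metric name.
type labelSet map[string]string

// sortedKeys gives deterministic output regardless of map iteration order.
func sortedKeys(ls labelSet) []string {
	keys := make([]string, 0, len(ls))
	for k := range ls {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	return keys
}

// tooltipUnsafe is the pattern the advisories describe: metric name and label
// values concatenated straight into markup destined for innerHTML.
func tooltipUnsafe(ls labelSet, value string) string {
	var b strings.Builder
	b.WriteString(`<div class="tooltip"><b>` + ls["__name__"] + "</b>")
	for _, k := range sortedKeys(ls) {
		if k == "__name__" {
			continue
		}
		fmt.Fprintf(&b, ` <span>%s="%s"</span>`, k, ls[k])
	}
	b.WriteString(" <span>" + value + "</span></div>")
	return b.String()
}

// tooltipSafe is the hardened form: every user-controlled string passes through
// html.EscapeString (the Go analogue of the UI's escapeHTML()) before insertion,
// so < > & " ' arrive as entities and cannot open a new element or attribute.
func tooltipSafe(ls labelSet, value string) string {
	var b strings.Builder
	b.WriteString(`<div class="tooltip"><b>` + html.EscapeString(ls["__name__"]) + "</b>")
	for _, k := range sortedKeys(ls) {
		if k == "__name__" {
			continue
		}
		fmt.Fprintf(&b, ` <span>%s="%s"</span>`, html.EscapeString(k), html.EscapeString(ls[k]))
	}
	b.WriteString(" <span>" + html.EscapeString(value) + "</span></div>")
	return b.String()
}

// containsUnescapedTag reports whether the raw markup from the constructed input
// survived into the output; a quick check that escaping actually happened.
func containsUnescapedTag(s string) bool {
	return strings.Contains(s, "<b>evil</b>")
}

func main() {
	// Constructed series: a UTF-8 metric name carrying markup, and a non-numeric le
	// value, which Prometheus v3 accepts since it does not enforce numeric le.
	ls := labelSet{"__name__": "up<b>evil</b>", "le": `0.5"<b>evil</b>`}
	fmt.Println(tooltipUnsafe(ls, "1"))
	fmt.Println(tooltipSafe(ls, "1"))
}
```

The escaping is applied at the point of insertion into HTML, not at ingestion, because the same label value may later be rendered in a non-HTML context; escaping once per output context is what keeps the fix complete for every label, including le.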
github.com/grafana/loki/v3 3.4.2 (golang)
pkg:golang/github.com/grafana/loki@3.4.2#v3
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Affected range
<3.6.4
Fixed version
3.6.4
CVSS Score
5.3
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.015%
EPSS Percentile
3rd percentile
Description
The CVE-2021-36156 fix validates the namespace parameter for path traversal sequences only after a single URL decode. Because a double-encoded sequence survives that one decode unchanged, an attacker can bypass the check and read files via the Ruler API endpoint /loki/api/v1/rules/{namespace}.
Thanks to Prasanth Sundararajan for reporting this vulnerability.
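The defensive pattern for this class of bypass is to decode until the value stops changing, then validate the result, so that a double- (or triple-) encoded traversal sequence is judged in its final form. The following is an added Go example, not Loki's own code: `fullyDecode` and `validNamespace` are this example's names, the round limit is a constructed choice, and the inputs in `main` are constructed test values.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path"
	"strings"
)

var (
	errTraversal = errors.New("namespace rejected: path separator or traversal")
	errEncoding  = errors.New("namespace rejected: still encoded after maximum decode rounds")
)

// fullyDecode unescapes until the value stops changing, so "%252e%252e" is seen
// as ".." rather than as the harmless-looking "%2e%2e" a single decode yields.
// The round limit bounds the work and rejects values that never settle.
func fullyDecode(s string, maxRounds int) (string, error) {
	for i := 0; i < maxRounds; i++ {
		d, err := url.PathUnescape(s)
		if err != nil {
			return "", err
		}
		if d == s {
			return d, nil
		}
		s = d
	}
	return "", errEncoding
}

// validNamespace accepts only a single clean path segment after full decoding:
// no separators, no dot segments, and nothing path.Clean would rewrite.
func validNamespace(raw string) (string, error) {
	ns, err := fullyDecode(raw, 3)
	if err != nil {
		return "", err
	}
	if ns == "" || ns == "." || ns == ".." || strings.ContainsAny(ns, `/\`) || path.Clean(ns) != ns {
		return "", fmt.Errorf("%w: %q", errTraversal, ns)
	}
	return ns, nil
}

func main() {
	// Constructed inputs: a plain namespace, a single-encoded and a double-encoded traversal.
	for _, in := range []string{"team-a", "..%2f..%2fother", "%252e%252e%252fother"} {
		ns, err := validNamespace(in)
		fmt.Printf("%-22s -> %q %v\n", in, ns, err)
	}
}
```

One consequence to keep in mind: a legitimate value containing a literal percent sign (for example "100%25") decodes to "100%", which the next round rejects as an invalid escape. Where such names are expected, the stricter alternative is to decode exactly once and then refuse any result that still contains a percent-encoded sequence.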
This PR contains the following updates:
0.2.13 → 0.2.14
Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
grafana/gcx (gcx)
v0.2.14Compare Source
Helm formatter support
notification-policies, and templates
gcx version structured subcommand with machine-readable output
gcx assistant dashboard subcommand; fix --agent-id flag
--org-id to configure organization ID
stacks delete: rename --yes to --force; respect agent mode ConfirmDestructive.
.grafana.com hosts and stack-id as Cloud
config check after successful login
Configuration
📅 Schedule: (in timezone Europe/Berlin)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate.