Skip to content

CVEs in Prometheus-Adapter #706

Description

@simrangera99

What happened?:
Following CVE's are being reported in Prometheus Adapter:
CVE-2025-22868 | HIGH
CVE-2025-4673 | MEDIUM
CVE-2025-0913 | MEDIUM
GHSA-fv92-fjc5-jj9h |
CVE-2025-22872 | MEDIUM
CVE-2024-34158 | HIGH
CVE-2024-24791 | HIGH
CVE-2024-34156 | HIGH
CVE-2024-24790 | CRITICAL

What did you expect to happen?:
Fix the CVE

Please provide the prometheus-adapter config:

Please provide the HPA resource used for autoscaling:

Please provide the HPA status:

Please provide the prometheus-adapter logs with -v=6 around the time the issue happened:

Anything else we need to know?:

Environment:

  • prometheus-adapter version:
  • prometheus version:
  • Kubernetes version (use kubectl version):
  • Cloud provider or hardware configuration:
  • Other info:

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bugCategorizes issue or PR as related to a bug.needs-triageIndicates an issue or PR lacks a `triage/foo` label and requires one.

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions