Affected by GO-2026-5381
and 2 other vulnerabilities
GO-2026-5381: Prometheus vulnerable to stored XSS via crafted histogram bucket label values in the old web UI heatmap display in github.com/prometheus/prometheus
GO-2026-5662: Prometheus has Stored XSS via metric names and label values in Prometheus web UI in github.com/prometheus/prometheus
GO-2026-5710: Prometheus Azure AD remote write OAuth client secret exposed via config API in github.com/prometheus/prometheus
NewSharedSemaphore creates and returns a new semaphore channel that can be used
to limit the number of simultaneous connections across multiple listeners.