TencentOS Server 4: grafana (TSSA-2025:0978)

12 Jan 2026 00:00:00 | Reported by Tenable | Type: nessus | www.tenable.com

TencentOS Server 4 vulnerable to Storybook env var exposure; upgrade to 7.6.21, 8.6.15, 9.1.17, or 10.1.10.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Tencent Linux Security Advisory TSSA-2025:0978.
##

include('compat.inc');

if (description)
{
  script_id(282602);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/12");

  script_cve_id("CVE-2025-64718", "CVE-2025-68429");

  script_name(english:"TencentOS Server 4: grafana (TSSA-2025:0978)");

  script_set_attribute(attribute:"synopsis", value:
"The remote TencentOS Server 4 host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is,
therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0978 advisory.

    Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:

    CVE-2025-68429:
    Storybook is a frontend workshop for building user interface components and pages in isolation. A
    vulnerability present starting in versions 7.0.0 and prior to versions 7.6.21, 8.6.15, 9.1.17, and 10.1.10
    relates to Storybook's handling of environment variables defined in a `.env` file, which could, in
    specific circumstances, lead to those variables being unexpectedly bundled into the artifacts created by
    the `storybook build` command. When a built Storybook is published to the web, the bundle's source is
    viewable, thus potentially exposing those variables to anyone with access. For a project to potentially be
    vulnerable to this issue, it must build the Storybook (i.e. run `storybook build` directly or indirectly)
    in a directory that contains a `.env` file (including variants like `.env.local`) and publish the built
    Storybook to the web. Storybooks built without a `.env` file at build time are not affected, including
    common CI-based builds where secrets are provided via platform environment variables rather than `.env`
    files. Storybook runtime environments (i.e. `storybook dev`) are not affected. Deployed applications that
    share a repo with your Storybook are not affected. Users should upgrade their Storybook, on both their
    local machines and CI environment, to version 7.6.21, 8.6.15, 9.1.17, or 10.1.10 as soon as possible.
    Maintainers additionally recommend that users audit for any sensitive secrets provided via `.env` files
    and rotate those keys. Some projects may have been relying on the undocumented behavior at the heart of
    this issue and will need to change how they reference environment variables after this update. If a
    project can no longer read necessary environmental variable values, either prefix the variables with
    `STORYBOOK_` or use the `env` property in Storybook's configuration to manually specify values. In
    either case, do not include sensitive secrets as they will be included in the built bundle.

    CVE-2025-64718:
    js-yaml is a JavaScript YAML parser and dumper. In js-yaml 4.1.0 and below, it's possible for an attacker
    to modify the prototype of the result of a parsed yaml document via prototype pollution (`__proto__`). All
    users who parse untrusted yaml documents may be impacted. The problem is patched in js-yaml 4.1.1. Users
    can protect against this kind of attack on the server by using `node --disable-proto=delete` or `deno` (in
    Deno, pollution protection is on by default).

Tenable has extracted the preceding description block directly from the Tencent Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://mirrors.tencent.com/tlinux/errata/tssa-20250978.xml");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-68429");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/11/13");
  script_set_attribute(attribute:"patch_publication_date", value:"2026/01/08");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/12");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:tencent:tencentos_server:4");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:tencent:tencentos_server:grafana");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tencent Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info2.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/etc/os-release", "Host/TencentOS/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'TencentOS' >!< os_product) audit(AUDIT_OS_NOT, 'TencentOS');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'TencentOS');
if (! preg(pattern:"^4([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'TencentOS 4.x', 'TencentOS ' + os_version);

if (!get_kb_item('Host/TencentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'TencentOS', cpu);

var constraints = [
  {
    'release': '4',
    'pkgs': [
      {'reference':'grafana-10.2.6-19.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'grafana-10.2.6-19.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'grafana-debuginfo-10.2.6-19.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'grafana-debuginfo-10.2.6-19.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'grafana-debugsource-10.2.6-19.tl4', 'cpu':'aarch64', 'rpm_spec_vers_cmp':TRUE},
      {'reference':'grafana-debugsource-10.2.6-19.tl4', 'cpu':'x86_64', 'rpm_spec_vers_cmp':TRUE}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}

if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'grafana / grafana-debuginfo / grafana-debugsource');
}

12 Jan 2026 00:00 (current) | Vulners AI Score: 5.8 (Medium risk) | CVSS 3.1: 5.3 - 7.3 | EPSS: 0.00025