Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2025/07/15 12:0 a.m.16 views

Grafana Labs < 10.4.17+security-01, 11.2.8+security-01, 11.3.5+security-01, 11.4.3+security-01, 11.5.3+security-01, 11.6.0+security-01 Improper Authorization (CVE-2025-3454)

The version of Grafana Labs installed on the remote host is affected by improper authorization vulnerability as referenced in the CVE-2025-3454 advisory. - This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL...

5CVSS6.2AI score0.00414EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/06/18 2:12 a.m.3 views

Security update for grafana

This update for grafana fixes the following issues: grafana was updated from version 10.4.15 to 11.5.5 jscPED-12918: Security issues fixed: CVE-2025-4123: Fix cross-site scripting vulnerability bsc1243714. CVE-2025-22872: Bump golang.org/x/net/html bsc1241809 CVE-2025-3580: Prevent unauthorized...

9.9CVSS7.3AI score0.97809EPSS
Exploits19References42
NVD
NVD
added 2025/06/02 11:15 a.m.17 views

CVE-2025-3454

This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily...

5CVSS0.00414EPSS
Exploits0References1
Circl
Circl
added 2025/04/23 8:30 a.m.25 views

CVE-2025-3454

creationtimestamp| type| source ---|---|--- 2025-04-23 08:30:30+00:00| seen| https://bsky.app/profile/grafana.bsky.social/post/3lnhroytxvs2w 2025-04-23 10:38:14+00:00| seen| https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3lnhytg4c222p 2025-04-26 10:03:20+00:00| seen|...

5CVSS6.6AI score0.00414EPSS
Exploits0References6
Rows per page
Query Builder