CVE-2025-1088

LOW2.7EPSS 0.35%

Grafana long dashboard title or panel name causes unresponsives in github.com/grafana/grafana

發布日:2025/6/18修改日:2026/2/4

描述

Grafana long dashboard title or panel name causes unresponsives in github.com/grafana/grafana. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. (If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.) The additional affected modules and versions are: github.com/grafana/grafana before v11.6.2.

受影響套件(3)

Bitnami/grafanafrom 0, < 11.6.2
Go/github.com/grafana/grafana>= 0.0.1-test, < 11.6.2
Go/github.com/grafana/grafanafrom 0, < 0.0.0-20250521211231-e0ba4b480954, >= 0.0.1-test

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	LOW2.7	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

參考連結(5)

ADVISORYhttps://github.com/advisories/GHSA-crvv-6w6h-cv34
ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2025-1088
PATCHhttps://github.com/grafana/grafana
WEBhttps://grafana.com/security/security-advisories/cve-2025-1088
WEBhttps://grafana.com/security/security-advisories/cve-2025-1088/