Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/grafana@7.5.15-7?arch=el8_8
Type rpm
Namespace redhat
Name grafana
Version 7.5.15-7
Qualifiers
arch el8_8
Subpath
Is_vulnerable true
Next_non_vulnerable_version null
Latest_non_vulnerable_version null
Affected_by_vulnerabilities
0
url VCID-7y8a-8can-nba1
vulnerability_id VCID-7y8a-8can-nba1
summary
RoadRunner is at risk of HTTP Request/Response Smuggling through vulnerable dependency
The net/http package dependency used by RoadRunner improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22871.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-22871.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-22871
reference_id
reference_type
scores
0
value 0.00094
scoring_system epss
scoring_elements 0.26249
published_at 2026-04-09T12:55:00Z
1
value 0.00094
scoring_system epss
scoring_elements 0.26092
published_at 2026-04-21T12:55:00Z
2
value 0.00094
scoring_system epss
scoring_elements 0.26131
published_at 2026-04-18T12:55:00Z
3
value 0.00094
scoring_system epss
scoring_elements 0.26155
published_at 2026-04-16T12:55:00Z
4
value 0.00094
scoring_system epss
scoring_elements 0.26151
published_at 2026-04-13T12:55:00Z
5
value 0.00094
scoring_system epss
scoring_elements 0.2621
published_at 2026-04-12T12:55:00Z
6
value 0.00094
scoring_system epss
scoring_elements 0.26133
published_at 2026-04-07T12:55:00Z
7
value 0.00094
scoring_system epss
scoring_elements 0.26201
published_at 2026-04-08T12:55:00Z
8
value 0.00094
scoring_system epss
scoring_elements 0.26255
published_at 2026-04-11T12:55:00Z
9
value 0.00125
scoring_system epss
scoring_elements 0.31477
published_at 2026-04-24T12:55:00Z
10
value 0.00127
scoring_system epss
scoring_elements 0.32241
published_at 2026-04-04T12:55:00Z
11
value 0.00127
scoring_system epss
scoring_elements 0.32204
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-22871
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22871
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22871
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/roadrunner-server/roadrunner
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/roadrunner-server/roadrunner
5
reference_url https://github.com/roadrunner-server/roadrunner/commit/f269279ee87d0b88127741cad1042389af7605fa
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/roadrunner-server/roadrunner/commit/f269279ee87d0b88127741cad1042389af7605fa
6
reference_url https://github.com/roadrunner-server/roadrunner/issues/2166
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/roadrunner-server/roadrunner/issues/2166
7
reference_url https://github.com/roadrunner-server/roadrunner/releases/tag/v2025.1.0
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/roadrunner-server/roadrunner/releases/tag/v2025.1.0
8
reference_url https://go.dev/cl/652998
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-18T14:57:03Z/
url https://go.dev/cl/652998
9
reference_url https://go.dev/issue/71988
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-18T14:57:03Z/
url https://go.dev/issue/71988
10
reference_url https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-18T14:57:03Z/
url https://groups.google.com/g/golang-announce/c/Y2uBTVKjBQk
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-22871
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-22871
12
reference_url https://pkg.go.dev/vuln/GO-2025-3563
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-18T14:57:03Z/
url https://pkg.go.dev/vuln/GO-2025-3563
13
reference_url http://www.openwall.com/lists/oss-security/2025/04/04/4
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2025/04/04/4
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2358493
reference_id 2358493
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2358493
15
reference_url https://github.com/advisories/GHSA-g9pc-8g42-g6vq
reference_id GHSA-g9pc-8g42-g6vq
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g9pc-8g42-g6vq
16
reference_url https://access.redhat.com/errata/RHSA-2025:10271
reference_id RHSA-2025:10271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10271
17
reference_url https://access.redhat.com/errata/RHSA-2025:10291
reference_id RHSA-2025:10291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10291
18
reference_url https://access.redhat.com/errata/RHSA-2025:10294
reference_id RHSA-2025:10294
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10294
19
reference_url https://access.redhat.com/errata/RHSA-2025:10323
reference_id RHSA-2025:10323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10323
20
reference_url https://access.redhat.com/errata/RHSA-2025:10767
reference_id RHSA-2025:10767
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10767
21
reference_url https://access.redhat.com/errata/RHSA-2025:10768
reference_id RHSA-2025:10768
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10768
22
reference_url https://access.redhat.com/errata/RHSA-2025:10781
reference_id RHSA-2025:10781
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10781
23
reference_url https://access.redhat.com/errata/RHSA-2025:10782
reference_id RHSA-2025:10782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:10782
24
reference_url https://access.redhat.com/errata/RHSA-2025:11352
reference_id RHSA-2025:11352
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11352
25
reference_url https://access.redhat.com/errata/RHSA-2025:11396
reference_id RHSA-2025:11396
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11396
26
reference_url https://access.redhat.com/errata/RHSA-2025:11479
reference_id RHSA-2025:11479
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11479
27
reference_url https://access.redhat.com/errata/RHSA-2025:11678
reference_id RHSA-2025:11678
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11678
28
reference_url https://access.redhat.com/errata/RHSA-2025:11682
reference_id RHSA-2025:11682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11682
29
reference_url https://access.redhat.com/errata/RHSA-2025:11749
reference_id RHSA-2025:11749
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:11749
30
reference_url https://access.redhat.com/errata/RHSA-2025:12091
reference_id RHSA-2025:12091
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:12091
31
reference_url https://access.redhat.com/errata/RHSA-2025:12831
reference_id RHSA-2025:12831
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:12831
32
reference_url https://access.redhat.com/errata/RHSA-2025:12850
reference_id RHSA-2025:12850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:12850
33
reference_url https://access.redhat.com/errata/RHSA-2025:12891
reference_id RHSA-2025:12891
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:12891
34
reference_url https://access.redhat.com/errata/RHSA-2025:13241
reference_id RHSA-2025:13241
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13241
35
reference_url https://access.redhat.com/errata/RHSA-2025:13671
reference_id RHSA-2025:13671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13671
36
reference_url https://access.redhat.com/errata/RHSA-2025:15291
reference_id RHSA-2025:15291
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:15291
37
reference_url https://access.redhat.com/errata/RHSA-2025:16124
reference_id RHSA-2025:16124
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:16124
38
reference_url https://access.redhat.com/errata/RHSA-2025:19306
reference_id RHSA-2025:19306
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:19306
39
reference_url https://access.redhat.com/errata/RHSA-2025:21328
reference_id RHSA-2025:21328
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21328
40
reference_url https://access.redhat.com/errata/RHSA-2025:21331
reference_id RHSA-2025:21331
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:21331
41
reference_url https://access.redhat.com/errata/RHSA-2025:8298
reference_id RHSA-2025:8298
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8298
42
reference_url https://access.redhat.com/errata/RHSA-2025:8476
reference_id RHSA-2025:8476
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8476
43
reference_url https://access.redhat.com/errata/RHSA-2025:8477
reference_id RHSA-2025:8477
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8477
44
reference_url https://access.redhat.com/errata/RHSA-2025:8478
reference_id RHSA-2025:8478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8478
45
reference_url https://access.redhat.com/errata/RHSA-2025:8539
reference_id RHSA-2025:8539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8539
46
reference_url https://access.redhat.com/errata/RHSA-2025:8601
reference_id RHSA-2025:8601
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8601
47
reference_url https://access.redhat.com/errata/RHSA-2025:8632
reference_id RHSA-2025:8632
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8632
48
reference_url https://access.redhat.com/errata/RHSA-2025:8633
reference_id RHSA-2025:8633
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8633
49
reference_url https://access.redhat.com/errata/RHSA-2025:8634
reference_id RHSA-2025:8634
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8634
50
reference_url https://access.redhat.com/errata/RHSA-2025:8665
reference_id RHSA-2025:8665
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8665
51
reference_url https://access.redhat.com/errata/RHSA-2025:8666
reference_id RHSA-2025:8666
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8666
52
reference_url https://access.redhat.com/errata/RHSA-2025:8667
reference_id RHSA-2025:8667
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8667
53
reference_url https://access.redhat.com/errata/RHSA-2025:8670
reference_id RHSA-2025:8670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8670
54
reference_url https://access.redhat.com/errata/RHSA-2025:8680
reference_id RHSA-2025:8680
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8680
55
reference_url https://access.redhat.com/errata/RHSA-2025:8682
reference_id RHSA-2025:8682
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8682
56
reference_url https://access.redhat.com/errata/RHSA-2025:8685
reference_id RHSA-2025:8685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8685
57
reference_url https://access.redhat.com/errata/RHSA-2025:8689
reference_id RHSA-2025:8689
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8689
58
reference_url https://access.redhat.com/errata/RHSA-2025:8691
reference_id RHSA-2025:8691
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8691
59
reference_url https://access.redhat.com/errata/RHSA-2025:8737
reference_id RHSA-2025:8737
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8737
60
reference_url https://access.redhat.com/errata/RHSA-2025:8915
reference_id RHSA-2025:8915
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8915
61
reference_url https://access.redhat.com/errata/RHSA-2025:8916
reference_id RHSA-2025:8916
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8916
62
reference_url https://access.redhat.com/errata/RHSA-2025:8918
reference_id RHSA-2025:8918
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8918
63
reference_url https://access.redhat.com/errata/RHSA-2025:8974
reference_id RHSA-2025:8974
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8974
64
reference_url https://access.redhat.com/errata/RHSA-2025:8975
reference_id RHSA-2025:8975
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8975
65
reference_url https://access.redhat.com/errata/RHSA-2025:8982
reference_id RHSA-2025:8982
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8982
66
reference_url https://access.redhat.com/errata/RHSA-2025:8983
reference_id RHSA-2025:8983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8983
67
reference_url https://access.redhat.com/errata/RHSA-2025:8984
reference_id RHSA-2025:8984
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8984
68
reference_url https://access.redhat.com/errata/RHSA-2025:9017
reference_id RHSA-2025:9017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9017
69
reference_url https://access.redhat.com/errata/RHSA-2025:9018
reference_id RHSA-2025:9018
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9018
70
reference_url https://access.redhat.com/errata/RHSA-2025:9019
reference_id RHSA-2025:9019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9019
71
reference_url https://access.redhat.com/errata/RHSA-2025:9020
reference_id RHSA-2025:9020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9020
72
reference_url https://access.redhat.com/errata/RHSA-2025:9025
reference_id RHSA-2025:9025
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9025
73
reference_url https://access.redhat.com/errata/RHSA-2025:9043
reference_id RHSA-2025:9043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9043
74
reference_url https://access.redhat.com/errata/RHSA-2025:9059
reference_id RHSA-2025:9059
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9059
75
reference_url https://access.redhat.com/errata/RHSA-2025:9060
reference_id RHSA-2025:9060
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9060
76
reference_url https://access.redhat.com/errata/RHSA-2025:9061
reference_id RHSA-2025:9061
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9061
77
reference_url https://access.redhat.com/errata/RHSA-2025:9062
reference_id RHSA-2025:9062
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9062
78
reference_url https://access.redhat.com/errata/RHSA-2025:9063
reference_id RHSA-2025:9063
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9063
79
reference_url https://access.redhat.com/errata/RHSA-2025:9064
reference_id RHSA-2025:9064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9064
80
reference_url https://access.redhat.com/errata/RHSA-2025:9065
reference_id RHSA-2025:9065
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9065
81
reference_url https://access.redhat.com/errata/RHSA-2025:9067
reference_id RHSA-2025:9067
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9067
82
reference_url https://access.redhat.com/errata/RHSA-2025:9069
reference_id RHSA-2025:9069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9069
83
reference_url https://access.redhat.com/errata/RHSA-2025:9070
reference_id RHSA-2025:9070
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9070
84
reference_url https://access.redhat.com/errata/RHSA-2025:9078
reference_id RHSA-2025:9078
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9078
85
reference_url https://access.redhat.com/errata/RHSA-2025:9102
reference_id RHSA-2025:9102
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9102
86
reference_url https://access.redhat.com/errata/RHSA-2025:9106
reference_id RHSA-2025:9106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9106
87
reference_url https://access.redhat.com/errata/RHSA-2025:9142
reference_id RHSA-2025:9142
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9142
88
reference_url https://access.redhat.com/errata/RHSA-2025:9143
reference_id RHSA-2025:9143
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9143
89
reference_url https://access.redhat.com/errata/RHSA-2025:9144
reference_id RHSA-2025:9144
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9144
90
reference_url https://access.redhat.com/errata/RHSA-2025:9145
reference_id RHSA-2025:9145
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9145
91
reference_url https://access.redhat.com/errata/RHSA-2025:9146
reference_id RHSA-2025:9146
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9146
92
reference_url https://access.redhat.com/errata/RHSA-2025:9147
reference_id RHSA-2025:9147
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9147
93
reference_url https://access.redhat.com/errata/RHSA-2025:9148
reference_id RHSA-2025:9148
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9148
94
reference_url https://access.redhat.com/errata/RHSA-2025:9149
reference_id RHSA-2025:9149
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9149
95
reference_url https://access.redhat.com/errata/RHSA-2025:9150
reference_id RHSA-2025:9150
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9150
96
reference_url https://access.redhat.com/errata/RHSA-2025:9151
reference_id RHSA-2025:9151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9151
97
reference_url https://access.redhat.com/errata/RHSA-2025:9156
reference_id RHSA-2025:9156
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9156
98
reference_url https://access.redhat.com/errata/RHSA-2025:9172
reference_id RHSA-2025:9172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9172
99
reference_url https://access.redhat.com/errata/RHSA-2025:9177
reference_id RHSA-2025:9177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9177
100
reference_url https://access.redhat.com/errata/RHSA-2025:9199
reference_id RHSA-2025:9199
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9199
101
reference_url https://access.redhat.com/errata/RHSA-2025:9200
reference_id RHSA-2025:9200
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9200
102
reference_url https://access.redhat.com/errata/RHSA-2025:9205
reference_id RHSA-2025:9205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9205
103
reference_url https://access.redhat.com/errata/RHSA-2025:9206
reference_id RHSA-2025:9206
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9206
104
reference_url https://access.redhat.com/errata/RHSA-2025:9207
reference_id RHSA-2025:9207
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9207
105
reference_url https://access.redhat.com/errata/RHSA-2025:9278
reference_id RHSA-2025:9278
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9278
106
reference_url https://access.redhat.com/errata/RHSA-2025:9279
reference_id RHSA-2025:9279
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9279
107
reference_url https://access.redhat.com/errata/RHSA-2025:9311
reference_id RHSA-2025:9311
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9311
108
reference_url https://access.redhat.com/errata/RHSA-2025:9312
reference_id RHSA-2025:9312
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9312
109
reference_url https://access.redhat.com/errata/RHSA-2025:9313
reference_id RHSA-2025:9313
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9313
110
reference_url https://access.redhat.com/errata/RHSA-2025:9317
reference_id RHSA-2025:9317
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9317
111
reference_url https://access.redhat.com/errata/RHSA-2025:9319
reference_id RHSA-2025:9319
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9319
112
reference_url https://access.redhat.com/errata/RHSA-2025:9342
reference_id RHSA-2025:9342
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9342
113
reference_url https://access.redhat.com/errata/RHSA-2025:9623
reference_id RHSA-2025:9623
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9623
114
reference_url https://access.redhat.com/errata/RHSA-2025:9634
reference_id RHSA-2025:9634
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9634
115
reference_url https://access.redhat.com/errata/RHSA-2025:9635
reference_id RHSA-2025:9635
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9635
116
reference_url https://access.redhat.com/errata/RHSA-2025:9637
reference_id RHSA-2025:9637
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9637
117
reference_url https://access.redhat.com/errata/RHSA-2025:9638
reference_id RHSA-2025:9638
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9638
118
reference_url https://access.redhat.com/errata/RHSA-2025:9639
reference_id RHSA-2025:9639
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9639
119
reference_url https://access.redhat.com/errata/RHSA-2025:9640
reference_id RHSA-2025:9640
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9640
120
reference_url https://access.redhat.com/errata/RHSA-2025:9641
reference_id RHSA-2025:9641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9641
121
reference_url https://access.redhat.com/errata/RHSA-2025:9642
reference_id RHSA-2025:9642
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9642
122
reference_url https://access.redhat.com/errata/RHSA-2025:9711
reference_id RHSA-2025:9711
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9711
123
reference_url https://access.redhat.com/errata/RHSA-2025:9712
reference_id RHSA-2025:9712
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9712
124
reference_url https://access.redhat.com/errata/RHSA-2025:9713
reference_id RHSA-2025:9713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9713
125
reference_url https://access.redhat.com/errata/RHSA-2025:9714
reference_id RHSA-2025:9714
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9714
126
reference_url https://access.redhat.com/errata/RHSA-2025:9715
reference_id RHSA-2025:9715
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9715
127
reference_url https://access.redhat.com/errata/RHSA-2025:9756
reference_id RHSA-2025:9756
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9756
128
reference_url https://access.redhat.com/errata/RHSA-2025:9844
reference_id RHSA-2025:9844
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9844
129
reference_url https://access.redhat.com/errata/RHSA-2025:9845
reference_id RHSA-2025:9845
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9845
130
reference_url https://access.redhat.com/errata/RHSA-2025:9975
reference_id RHSA-2025:9975
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9975
131
reference_url https://access.redhat.com/errata/RHSA-2025:9986
reference_id RHSA-2025:9986
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:9986
132
reference_url https://access.redhat.com/errata/RHSA-2026:6493
reference_id RHSA-2026:6493
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6493
fixed_packages
aliases CVE-2025-22871, GHSA-g9pc-8g42-g6vq
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7y8a-8can-nba1
1
url VCID-ss32-rtp3-zufc
vulnerability_id VCID-ss32-rtp3-zufc
summary
Grafana Cross-Site-Scripting (XSS) via custom loaded frontend plugin
A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability does not require editor permissions and if anonymous access is enabled, the XSS will work. If the Grafana Image Renderer plugin is installed, it is possible to exploit the open redirect to achieve a full read SSRF.

The default Content-Security-Policy (CSP) in Grafana will block the XSS through the `connect-src` directive.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4123.json
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4123.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-4123
reference_id
reference_type
scores
0
value 0.02887
scoring_system epss
scoring_elements 0.86273
published_at 2026-04-07T12:55:00Z
1
value 0.02887
scoring_system epss
scoring_elements 0.86301
published_at 2026-04-09T12:55:00Z
2
value 0.02887
scoring_system epss
scoring_elements 0.86291
published_at 2026-04-08T12:55:00Z
3
value 0.0387
scoring_system epss
scoring_elements 0.88228
published_at 2026-04-13T12:55:00Z
4
value 0.0387
scoring_system epss
scoring_elements 0.88236
published_at 2026-04-11T12:55:00Z
5
value 0.0387
scoring_system epss
scoring_elements 0.8826
published_at 2026-04-24T12:55:00Z
6
value 0.0387
scoring_system epss
scoring_elements 0.88241
published_at 2026-04-21T12:55:00Z
7
value 0.0387
scoring_system epss
scoring_elements 0.88242
published_at 2026-04-16T12:55:00Z
8
value 0.06301
scoring_system epss
scoring_elements 0.9091
published_at 2026-04-02T12:55:00Z
9
value 0.08544
scoring_system epss
scoring_elements 0.9237
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-4123
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/grafana/grafana
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana
4
reference_url https://github.com/grafana/grafana/commit/c7a690348df761d41b659224cbc50a46a0c0e4cc
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/grafana/grafana/commit/c7a690348df761d41b659224cbc50a46a0c0e4cc
5
reference_url https://grafana.com/blog/2025/05/23/grafana-security-release-medium-and-high-severity-security-fixes-for-cve-2025-4123-and-cve-2025-3580
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://grafana.com/blog/2025/05/23/grafana-security-release-medium-and-high-severity-security-fixes-for-cve-2025-4123-and-cve-2025-3580
6
reference_url https://grafana.com/security/security-advisories/cve-2025-4123
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://grafana.com/security/security-advisories/cve-2025-4123
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-4123
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-4123
8
reference_url https://pkg.go.dev/vuln/GO-2025-3702
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://pkg.go.dev/vuln/GO-2025-3702
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2364632
reference_id 2364632
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2364632
10
reference_url https://grafana.com/security/security-advisories/cve-2025-4123/
reference_id cve-2025-4123
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-22T13:21:28Z/
url https://grafana.com/security/security-advisories/cve-2025-4123/
11
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52491.txt
reference_id CVE-2025-4123
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52491.txt
12
reference_url https://grafana.com/blog/2025/05/23/grafana-security-release-medium-and-high-severity-security-fixes-for-cve-2025-4123-and-cve-2025-3580/
reference_id grafana-security-release-medium-and-high-severity-security-fixes-for-cve-2025-4123-and-cve-2025-3580
reference_type
scores
0
value 7.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-22T13:21:28Z/
url https://grafana.com/blog/2025/05/23/grafana-security-release-medium-and-high-severity-security-fixes-for-cve-2025-4123-and-cve-2025-3580/
13
reference_url https://access.redhat.com/errata/RHSA-2025:7892
reference_id RHSA-2025:7892
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7892
14
reference_url https://access.redhat.com/errata/RHSA-2025:7893
reference_id RHSA-2025:7893
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7893
15
reference_url https://access.redhat.com/errata/RHSA-2025:7894
reference_id RHSA-2025:7894
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:7894
16
reference_url https://access.redhat.com/errata/RHSA-2025:8665
reference_id RHSA-2025:8665
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8665
17
reference_url https://access.redhat.com/errata/RHSA-2025:8679
reference_id RHSA-2025:8679
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8679
18
reference_url https://access.redhat.com/errata/RHSA-2025:8680
reference_id RHSA-2025:8680
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8680
19
reference_url https://access.redhat.com/errata/RHSA-2025:8681
reference_id RHSA-2025:8681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8681
20
reference_url https://access.redhat.com/errata/RHSA-2025:8683
reference_id RHSA-2025:8683
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8683
21
reference_url https://access.redhat.com/errata/RHSA-2025:8684
reference_id RHSA-2025:8684
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8684
22
reference_url https://access.redhat.com/errata/RHSA-2025:8685
reference_id RHSA-2025:8685
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8685
fixed_packages
aliases CVE-2025-4123, GHSA-q53q-gxq9-mgrj
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ss32-rtp3-zufc
Fixing_vulnerabilities
Risk_score 10.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/grafana@7.5.15-7%3Farch=el8_8