[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2025:4482-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T08:55:34.825Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":28,"duplicates":29,"related":30,"reserved_at":9,"published_at":38,"modified_at":39,"state":9,"summary":40,"references_raw":42,"kevs":108,"epss":9,"epss_history":109,"metrics":110,"affected":111},"SUSE-SU-2025:4482-1","Security update for grafana\n\nThis update for grafana fixes the following issues:\n\ngrafana was updated from version 11.5.5 to 11.5.10:\n\n- Security issues fixed:\n\n  * CVE-2025-64751: Dropped experimental implementation of authorization Zanzana server/client (version 11.5.10)\n    (bsc#1254113)\n  * CVE-2025-47911: Fixed parsing HTML documents (version 11.5.10) (bsc#1251454)\n  * CVE-2025-58190: Fixed excessive memory consumption (version 11.5.10) (bsc#1251657)\n  * CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616)\n  * CVE-2025-6023: Fixed cross-site-scripting via scripted dashboards (version 11.5.7) (bsc#1246735)\n  * CVE-2025-6197: Fixed open redirect in organization switching (version 11.5.7) (bsc#1246736)\n  * CVE-2025-3415: Fixed exposure of DingDing alerting integration URL to Viewer level users (version 11.5.6)\n                   (bsc#1245302)\n\n- Other changes, new features and bugs fixed:\n\n  * Version 11.5.10:\n    + Use forked wire from Grafana repository instead of external package (jsc#PED-14178)\n    + Auth: Fix render user OAuth passthrough.\n    + LDAP Authentication: Fix URL to propagate username context as parameter.\n    + Plugins: Dependencies do not inherit parent URL for preinstall.\n\n  * Version 11.5.9:\n    + Auditing: Document new options for recording datasource query request/response body.\n    + Login: Fixed redirection after login when Grafana is served from subpath.\n\n  * Version 11.5.7:\n    + Azure: Fixed legend formatting and resource name determination in template variable queries.\n\n",null,[],[],[],[14,16,18,20,22,24,26],{"_key":15},"CVE-2025-11065",{"_key":17},"CVE-2025-3415",{"_key":19},"CVE-2025-47911",{"_key":21},"CVE-2025-58190",{"_key":23},"CVE-2025-6023",{"_key":25},"CVE-2025-6197",{"_key":27},"CVE-2025-64751",[],[],[31,32,33,34,35,36,37],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},"2025-12-18T12:22:20Z","2026-03-23T04:51:35.270044Z",{"cisa_kev":41,"cisa_ransomware":41,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[43,50,55,59,63,67,71,75,79,84,88,92,96,100,104],{"url":44,"sources":45,"tags":48},"https://www.suse.com/support/update/announcement/2025/suse-su-20254482-1/",[46,47],"osv_suse","osv_opensuse",[49],"Advisory",{"url":51,"sources":52,"tags":53},"https://bugzilla.suse.com/1245302",[46,47],[54],"REPORT",{"url":56,"sources":57,"tags":58},"https://bugzilla.suse.com/1246735",[46,47],[54],{"url":60,"sources":61,"tags":62},"https://bugzilla.suse.com/1246736",[46,47],[54],{"url":64,"sources":65,"tags":66},"https://bugzilla.suse.com/1250616",[46,47],[54],{"url":68,"sources":69,"tags":70},"https://bugzilla.suse.com/1251454",[46,47],[54],{"url":72,"sources":73,"tags":74},"https://bugzilla.suse.com/1251657",[46,47],[54],{"url":76,"sources":77,"tags":78},"https://bugzilla.suse.com/1254113",[46,47],[54],{"url":80,"sources":81,"tags":82},"https://www.suse.com/security/cve/CVE-2025-11065",[46,47],[83],"WEB",{"url":85,"sources":86,"tags":87},"https://www.suse.com/security/cve/CVE-2025-3415",[46,47],[83],{"url":89,"sources":90,"tags":91},"https://www.suse.com/security/cve/CVE-2025-47911",[46,47],[83],{"url":93,"sources":94,"tags":95},"https://www.suse.com/security/cve/CVE-2025-58190",[46,47],[83],{"url":97,"sources":98,"tags":99},"https://www.suse.com/security/cve/CVE-2025-6023",[46,47],[83],{"url":101,"sources":102,"tags":103},"https://www.suse.com/security/cve/CVE-2025-6197",[46,47],[83],{"url":105,"sources":106,"tags":107},"https://www.suse.com/security/cve/CVE-2025-64751",[46,47],[83],[],[],[],[112,125,131],{"ecosystem":113,"name":114,"vendor":115,"product":116,"cpe_part":9,"purl_type":117,"purl_namespace":115,"purl_name":116,"source":9,"versions":118},"openSUSE","grafana","opensuse","grafana&distro=openSUSE Leap 15.6","rpm",[119],{"version":120,"is_range":121,"range_type":122,"version_start":9,"version_start_type":9,"version_end":123,"version_end_type":124,"fixed_in":9},"lt11_5_10_150200_3_80_1",true,"ecosystem","11.5.10-150200.3.80.1","excluding",{"ecosystem":126,"name":114,"vendor":127,"product":128,"cpe_part":9,"purl_type":117,"purl_namespace":127,"purl_name":128,"source":9,"versions":129},"SUSE Linux Enterprise","suse","grafana&distro=SUSE Linux Enterprise Module for Package Hub 15 SP6",[130],{"version":120,"is_range":121,"range_type":122,"version_start":9,"version_start_type":9,"version_end":123,"version_end_type":124,"fixed_in":9},{"ecosystem":126,"name":114,"vendor":127,"product":132,"cpe_part":9,"purl_type":117,"purl_namespace":127,"purl_name":132,"source":9,"versions":133},"grafana&distro=SUSE Linux Enterprise Module for Package Hub 15 SP7",[134],{"version":120,"is_range":121,"range_type":122,"version_start":9,"version_start_type":9,"version_end":123,"version_end_type":124,"fixed_in":9}]