Описание
ELSA-2025-0401: grafana security update (IMPORTANT)
[9.2.10-21]
- Resolves RHEL-72881: CVE-2025-21614
- Resolves RHEL-72869: CVE-2025-21613
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
grafana
9.2.10-21.el8_10
grafana-selinux
9.2.10-21.el8_10
Oracle Linux x86_64
grafana
9.2.10-21.el8_10
grafana-selinux
9.2.10-21.el8_10
Связанные CVE
Связанные уязвимости
CVSS3: 7.5
ubuntu
5 месяцев назад
go-git is a highly extensible git implementation library written in pure Go. A denial of service (DoS) vulnerability was discovered in go-git versions prior to v5.13. This vulnerability allows an attacker to perform denial of service attacks by providing specially crafted responses from a Git server which triggers resource exhaustion in go-git clients. Users running versions of go-git from v4 and above are recommended to upgrade to v5.13 in order to mitigate this vulnerability.