Vulnerability-Lookup - Search a vulnerability

Refine your search

Product

Sort by

Order

Sources

1 vulnerability found for Greffon Image Renderer by Grafana Labs

CERTFR-2025-AVI-0554

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Grafana Labs. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Grafana Labs	Synthetic Monitoring Agent	Synthetic Monitoring Agent versions antérieures à 0.38.3
	Grafana Labs	Greffon Image Renderer	Greffon Image Renderer versions antérieures à 3.12.9

References

Title

Publication Time

Tags

Bulletin de sécurité Grafana cve-2025-5959

2025-07-02

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Synthetic Monitoring Agent versions ant\u00e9rieures \u00e0 0.38.3",
      "product": {
        "name": "Synthetic Monitoring Agent",
        "vendor": {
          "name": "Grafana Labs",
          "scada": false
        }
      }
    },
    {
      "description": "Greffon Image Renderer versions ant\u00e9rieures \u00e0 3.12.9",
      "product": {
        "name": "Greffon Image Renderer",
        "vendor": {
          "name": "Grafana Labs",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2025-5959",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-5959"
    },
    {
      "name": "CVE-2025-6192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6192"
    },
    {
      "name": "CVE-2025-6191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6191"
    },
    {
      "name": "CVE-2025-6554",
      "url": "https://www.cve.org/CVERecord?id=CVE-2025-6554"
    }
  ],
  "initial_release_date": "2025-07-03T00:00:00",
  "last_revision_date": "2025-07-03T00:00:00",
  "links": [],
  "reference": "CERTFR-2025-AVI-0554",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2025-07-03T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Grafana Labs. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Grafana",
  "vendor_advisories": [
    {
      "published_at": "2025-07-02",
      "title": "Bulletin de s\u00e9curit\u00e9 Grafana cve-2025-5959",
      "url": "https://grafana.com/blog/2025/07/02/grafana-security-update-critical-severity-security-release-for-cve-2025-5959-cve-2025-6554-cve-2025-6191-and-cve-2025-6192-in-grafana-image-renderer-plugin-and-synthetic-monitoring-agent/"
    }
  ]
}