Red Hat Security Advisory: grafana security update
Red Hat has issued a security advisory for Grafana addressing two vulnerabilities: a request smuggling issue in net/http (CVE-2025-22871) and a cross-site scripting (XSS) vulnerability via custom frontend plugins and open redirect in Grafana (CVE-2025-4123). These vulnerabilities affect Red Hat Enterprise Linux 9. 2 and related packages. The advisory rates the impact as important and provides updated packages to remediate the issues. No known exploits are reported in the wild at this time.
AI Analysis
Technical Summary
This advisory covers two security issues in Grafana as packaged for Red Hat Enterprise Linux 9.2. The first is a request smuggling vulnerability in the net/http package caused by acceptance of invalid chunked data (CVE-2025-22871). The second is a cross-site scripting (XSS) vulnerability and an open redirect issue in Grafana via custom frontend plugins (CVE-2025-4123). Both vulnerabilities are addressed in updated Grafana packages provided by Red Hat. The advisory includes detailed package versions and SHA-256 checksums for verification.
Potential Impact
Successful exploitation of CVE-2025-4123 could allow an attacker to perform cross-site scripting attacks or redirect users to malicious sites, potentially leading to session hijacking or phishing. CVE-2025-22871 could allow an attacker to perform HTTP request smuggling, which may lead to bypassing security controls or interfering with HTTP traffic processing. The advisory rates the overall impact as important, indicating significant but not critical risk. No known exploits in the wild have been reported.
Mitigation Recommendations
Red Hat has released updated Grafana packages for Red Hat Enterprise Linux 9.2 that address these vulnerabilities. Users should apply these official updates as described in the Red Hat advisory (RHSA-2025:8680) and the referenced article https://access.redhat.com/articles/11258. Since this is not a cloud service, remediation requires manual patching by system administrators. Patch status is confirmed by the vendor advisory.
Red Hat Security Advisory: grafana security update
Description
Red Hat has issued a security advisory for Grafana addressing two vulnerabilities: a request smuggling issue in net/http (CVE-2025-22871) and a cross-site scripting (XSS) vulnerability via custom frontend plugins and open redirect in Grafana (CVE-2025-4123). These vulnerabilities affect Red Hat Enterprise Linux 9. 2 and related packages. The advisory rates the impact as important and provides updated packages to remediate the issues. No known exploits are reported in the wild at this time.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory covers two security issues in Grafana as packaged for Red Hat Enterprise Linux 9.2. The first is a request smuggling vulnerability in the net/http package caused by acceptance of invalid chunked data (CVE-2025-22871). The second is a cross-site scripting (XSS) vulnerability and an open redirect issue in Grafana via custom frontend plugins (CVE-2025-4123). Both vulnerabilities are addressed in updated Grafana packages provided by Red Hat. The advisory includes detailed package versions and SHA-256 checksums for verification.
Potential Impact
Successful exploitation of CVE-2025-4123 could allow an attacker to perform cross-site scripting attacks or redirect users to malicious sites, potentially leading to session hijacking or phishing. CVE-2025-22871 could allow an attacker to perform HTTP request smuggling, which may lead to bypassing security controls or interfering with HTTP traffic processing. The advisory rates the overall impact as important, indicating significant but not critical risk. No known exploits in the wild have been reported.
Mitigation Recommendations
Red Hat has released updated Grafana packages for Red Hat Enterprise Linux 9.2 that address these vulnerabilities. Users should apply these official updates as described in the Red Hat advisory (RHSA-2025:8680) and the referenced article https://access.redhat.com/articles/11258. Since this is not a cloud service, remediation requires manual patching by system administrators. Patch status is confirmed by the vendor advisory.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:8680
- Cve Count
- 2
- Additional Cves
- ["CVE-2025-22871"]
- Cvss Version
- null
Threat ID: 6a18be67e29bf47b503872aa
Added to database: 5/28/2026, 10:15:03 PM
Last enriched: 5/28/2026, 10:33:40 PM
Last updated: 5/29/2026, 6:54:43 AM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.