Red Hat Security Advisory: grafana security update
Red Hat has issued a security advisory for Grafana addressing two vulnerabilities: a request smuggling issue in net/http (CVE-2025-22871) and a cross-site scripting (XSS) vulnerability in Grafana via custom frontend plugins and open redirect (CVE-2025-4123). These vulnerabilities affect Red Hat Enterprise Linux 9. 4 Extended Update Support and related packages. The advisory rates the security impact as Important and provides updated packages to remediate these issues. No known exploits are reported in the wild at this time.
AI Analysis
Technical Summary
This advisory covers two security flaws in Grafana as packaged for Red Hat Enterprise Linux 9.4 EUS. CVE-2025-22871 is a request smuggling vulnerability in the net/http package caused by acceptance of invalid chunked data. CVE-2025-4123 is a cross-site scripting (XSS) vulnerability in Grafana, exploitable via custom frontend plugins and open redirect vectors. Red Hat has released updated Grafana packages (version 9.2.10-23.el9_4) to address these issues. The advisory applies to multiple architectures including x86_64, s390x, ppc64le, and aarch64. The vendor rates the update as Important and provides detailed package updates and instructions for remediation.
Potential Impact
Successful exploitation of CVE-2025-22871 could allow an attacker to perform HTTP request smuggling, potentially bypassing security controls or interfering with HTTP traffic processing. CVE-2025-4123 could allow an attacker to execute arbitrary scripts in the context of the Grafana web interface via XSS, potentially leading to session hijacking or redirection to malicious sites. No known exploits are currently reported in the wild. The vulnerabilities affect Red Hat Enterprise Linux 9.4 Extended Update Support installations running the affected Grafana versions.
Mitigation Recommendations
Red Hat has released updated Grafana packages for Red Hat Enterprise Linux 9.4 Extended Update Support that fix these vulnerabilities. Users should apply the updates as described in the Red Hat advisory RHSA-2025:8665 and the referenced article https://access.redhat.com/articles/11258. Since this is an official fix, applying the vendor-provided update is the recommended remediation. No additional mitigations are specified or required beyond applying the update.
Red Hat Security Advisory: grafana security update
Description
Red Hat has issued a security advisory for Grafana addressing two vulnerabilities: a request smuggling issue in net/http (CVE-2025-22871) and a cross-site scripting (XSS) vulnerability in Grafana via custom frontend plugins and open redirect (CVE-2025-4123). These vulnerabilities affect Red Hat Enterprise Linux 9. 4 Extended Update Support and related packages. The advisory rates the security impact as Important and provides updated packages to remediate these issues. No known exploits are reported in the wild at this time.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This advisory covers two security flaws in Grafana as packaged for Red Hat Enterprise Linux 9.4 EUS. CVE-2025-22871 is a request smuggling vulnerability in the net/http package caused by acceptance of invalid chunked data. CVE-2025-4123 is a cross-site scripting (XSS) vulnerability in Grafana, exploitable via custom frontend plugins and open redirect vectors. Red Hat has released updated Grafana packages (version 9.2.10-23.el9_4) to address these issues. The advisory applies to multiple architectures including x86_64, s390x, ppc64le, and aarch64. The vendor rates the update as Important and provides detailed package updates and instructions for remediation.
Potential Impact
Successful exploitation of CVE-2025-22871 could allow an attacker to perform HTTP request smuggling, potentially bypassing security controls or interfering with HTTP traffic processing. CVE-2025-4123 could allow an attacker to execute arbitrary scripts in the context of the Grafana web interface via XSS, potentially leading to session hijacking or redirection to malicious sites. No known exploits are currently reported in the wild. The vulnerabilities affect Red Hat Enterprise Linux 9.4 Extended Update Support installations running the affected Grafana versions.
Mitigation Recommendations
Red Hat has released updated Grafana packages for Red Hat Enterprise Linux 9.4 Extended Update Support that fix these vulnerabilities. Users should apply the updates as described in the Red Hat advisory RHSA-2025:8665 and the referenced article https://access.redhat.com/articles/11258. Since this is an official fix, applying the vendor-provided update is the recommended remediation. No additional mitigations are specified or required beyond applying the update.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:8665
- Cve Count
- 2
- Additional Cves
- ["CVE-2025-22871"]
- Cvss Version
- null
Threat ID: 6a18be67e29bf47b503872b8
Added to database: 5/28/2026, 10:15:03 PM
Last enriched: 5/28/2026, 10:33:33 PM
Last updated: 5/29/2026, 5:00:03 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.