## This update for grafana fixes the following issues: grafana was updated from version 11.5.5 to 11.5.10: * Security issues fixed: * CVE-2025-64751: Dropped experimental implementation of authorization Zanzana server/client (version 11.5.10) (bsc#1254113) * CVE-2025-47911: Fixed parsing HTML documents (version 11.5.10) (bsc#1251454) * CVE-2025-58190: Fixed excessive memory consumption (version 11.5.10) (bsc#1251657) * CVE-2025-11065: Fixed sensitive information leak in logs (version 11.5.9) (bsc#1250616) * CVE-2025-6023: Fixed cross-site-scripting via scripted dashboards (version 11.5.7) (bsc#1246735) * CVE-2025-6197: Fixed open redirect in organization switching (version 11.5.7) (bsc#1246736) * CVE-2025-3415: Fixed exposure of DingDing alerting integration URL to Viewer
* bsc#1245302
* bsc#1246735
* bsc#1246736
* bsc#1250616
* bsc#1251454
* bsc#1251657
* bsc#1254113
* jsc#MSQA-1034
* jsc#PED-14178
Cross-
* CVE-2025-11065
* CVE-2025-3415
* CVE-2025-47911
* CVE-2025-58190
* CVE-2025-6023
* CVE-2025-6197
* CVE-2025-64751
CVSS scores:
* CVE-2025-11065 ( SUSE ): 5.7
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-11065 ( SUSE ): 4.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
* CVE-2025-3415 ( SUSE ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-3415 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-3415 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-47911 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Get the latest Linux and open source security news straight to your inbox.