CNNVD-202509-3156 Information
CNNVD ID
CNNVD-202509-3156
Related CVE
- CNNVD Published: 2025-09-19
Description (Chinese)
Zabbix plugin for Grafana是Grafana Labs开源的一个用于Grafana仪表板的Zabbix插件。 Zabbix plugin for Grafana 5.2.1及之前版本存在安全漏洞,该漏洞源于用户提供的正则表达式查询可能导致正则表达式拒绝服务,致使CPU使用率达到最大值。
Description (English)
Zabix plugin for Grafana is a Zabfix plugin for the Grafana Labs open source. Zabix plugin for Grafana 5.2.1 and previous versions had a security loophole, which stemmed from regular expression queries provided by users that could lead to regular expression rejections, leading to maximum CPU usage.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Grafana Labs
Published
2025-09-19
Last Modified
2026-02-24
References
https://github.com/grafana/grafana-zabbix/releases/tag/v6.0.0 https://grafana.com/security/security-advisories/cve-2025-10630/ https://vigilance.fr/vulnerability/Grafana-Zabbix-overload-via-Regex-Query-48261 https://access.redhat.com/security/cve/cve-2025-10630
Patch
https://github.com/grafana/grafana/releases
Share on: