Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS1jcnZ2LTZ3NmgtY3YzNM4ABJI-

Low EPSS: 0.00068% (0.21268 Percentile) EPSS:
Permalink JSON

Grafana long dashboard title or panel name causes unresponsives

Affected Packages Affected Versions Fixed Versions
go:github.com/grafana/grafana < 0.0.0-20250521211231-e0ba4b480954, >= 0.0.1-test, < 11.6.2 0.0.0-20250521211231-e0ba4b480954, 11.6.2
37 Dependent packages
50 Dependent repositories

Affected Version Ranges

All affected versions

0.0.1-test, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.1.0, 1.2.0, 1.3.0, 1.4.0, 1.5.0, 1.5.1, 1.5.2, 1.5.3, 1.5.4, 1.6.0, 1.6.1, 1.7.0, 1.8.0, 1.8.1, 1.9.0, 1.9.1, 2.0.1, 2.0.2, 2.1.0, 2.1.1, 2.1.2, 2.1.3, 2.5.0, 2.6.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.1.0, 3.1.1, 4.0.0, 4.0.1, 4.0.2, 4.1.0, 4.1.1, 4.1.2, 4.2.0, 4.3.0, 4.3.1, 4.3.2, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.5.0, 4.5.1, 4.5.2, 4.6.0, 4.6.1, 4.6.2, 4.6.3, 4.6.4, 4.6.5, 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.0.4, 5.1.0, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.5, 5.2.0, 5.2.1, 5.2.2, 5.2.3, 5.2.4, 5.2.5, 5.3.0, 5.3.1, 5.3.2, 5.3.3, 5.3.4, 5.4.0, 5.4.1, 5.4.2, 5.4.3, 5.4.4, 5.4.5, 6.0.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.6

All unaffected versions

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana.
This issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher.

References:

Identifiers

GHSA-crvv-6w6h-cv34

CVE-2025-1088

Risk

Severity

Low

EPSS

EPSS Percentage: 0.00068

EPSS Percentile: 0.21268

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Date and time

Published

about 1 month ago

Updated

about 1 month ago

API

JSON