FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-07-20 04:36:57 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6adfda5a-2118-11f0-8ca6-6c3be5272acdGrafana -- Bypass Viewer and Editor permissions

Grafana Labs reports:

During the development of a new feature in Grafana 11.6.x, a security vulnerability was introduced that allows for Viewers and Editors to bypass dashboard-specific permissions. As a result, users with the Viewer role could view all the dashboards within their org and users with the Editor role could view, edit, and delete all the dashboards in their org.

Note: Organization isolation boundaries still apply, which means viewers and editors in one organization cannot view or edit dashboards in another org. Also this vulnerability does not allow users to query data via data sources they don’t have access to.

The CVSS score for this vulnerability is 8.3 HIGH.


Discovery 2025-04-04
Entry 2025-04-24
grafana
>= 11.6.0 lt 11.6.0+security-01

CVE-2025-3260
https://grafana.com/blog/2025/04/22/grafana-security-release-medium-and-high-severity-fixes-for-cve-2025-3260-cve-2025-2703-cve-2025-3454/