CVE-2025-4123 for Grafana | NetApp | Page 1

loud ether Aug 18, 2025, 3:12 PM

#

Just a heads up, we got this from our security team this morning for Grafana 11.5.2 (nabox)
https://grafana.com/blog/2025/05/23/grafana-security-release-medium-and-high-severity-security-fixes-for-cve-2025-4123-and-cve-2025-3580/

Grafana Labs

Grafana security release: Medium and high severity security fixes f...

Today we are releasing Grafana 12.0.1, 11.6.2, 11.5.5, 11.4.5, 11.3.7, 11.2.10, and 10.4.19, which include medium and high severity security fixes. If you are affected, we recommend that you install newly released versions.

novel horizon Aug 18, 2025, 3:13 PM

#

thanks @loud ether which version of Nabox are you running? @spare junco

loud ether Aug 18, 2025, 3:14 PM

#

It's 4.0.10.f9baaca

novel horizon Aug 18, 2025, 3:14 PM

#

thanks

loud ether Aug 18, 2025, 3:15 PM

#

i think it was the latest one but i could be wrong

#

i've slept since it was installed/updated

spare junco Aug 18, 2025, 6:02 PM

#

Thanks !

onyx plover Aug 25, 2025, 7:17 AM

#

I have a similar issue with the internal security
Will there be a new version of Nabox soon or is there the possibility to only update Grafana?

boreal tide Aug 25, 2025, 12:53 PM

#

Plus 1 here 😇

spare junco Aug 26, 2025, 8:16 PM

#

Working on it. Been working on other security configurations that were a bit of a challenge (CSP headers), looks like it is ok now.

loud ether Aug 26, 2025, 8:18 PM

#

cool, the CSP stuff is one we've had for a long time but was easy to put an exception in place for

spare junco Sep 2, 2025, 11:50 AM

#

4.0.11 available

#CVE-2025-4123 for Grafana