Skip to Content.
Sympa Menu

perfsonar-announce - [perfsonar-announce] Recent Grafana Vulnerability

Subject: perfSONAR Announcements

List archive

[perfsonar-announce] Recent Grafana Vulnerability


Chronological Thread 
    < Chronological >      < Thread >
  • From: Mark Feit <>
  • To: "" <>, perfsonar-user <>
  • Subject: [perfsonar-announce] Recent Grafana Vulnerability
  • Date: Fri, 11 Jul 2025 14:00:50 +0000
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=internet2.edu; dmarc=pass action=none header.from=internet2.edu; dkim=pass header.d=internet2.edu; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=WEPhqz8BMsHuZebU87ZvE9zZT+Mtow9IwOGfXQtEnO4=; b=SOD0+5BCYrls0Ay17H6UvHeAegMyiU+awgKjmqgqyiPLDhE91GTpYtlwrFdqPHWtGL7q7XBy5CP/Lm6IZ21icqNWJhqblITiVlqrq8GAUwqzvefLfqykUpRRVRf+EFXRf53uLRnci1BytP5gs5hwfi1kS3S7klF8ii5wfpmXiwIT6CXjXx+/k1TrWRx3g2lJMdol+4UPx+711Zhiox8t4gNc6nyxMemlfT0rAeoMRmLdrItrGnsD3B61NO/UHYuJVKlbDa434u1ilRT+robm0fmVFdKMzyfF0MKDOHMaf+iq2lg4vNCiT2BYXy9hDheGeMZ9OfrOZHklH54ITJQTbA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=GFKDL1dM+LTLInGKzlzofCMmxDx9jE0wciW32p6xcvrh1wgLLwU+tIhIetg4smJ6huX+e3iCCCXpbLtGD1wUt9fK1HqmHhtvQTbscdLGnZ5Zx0s4nJ2m8wWg+cOc0C//CThZMiB+vftoFKVVqW0KDG2aHmqjHF+j9TZV6SUM2tmejsCQf7tOFYb6kqC63tsliaGw6ve8+0ujNRJ9thdgw8SObULak73/hay6k5ZTEoOwR12HcVqji7NrPLOK1c6HsW1ItTROaPV13oHKLbhqS1hD4D6jG9PbiE7RNGfbsnieL4FnOXfwoTzbIOJDY+EOB45Y3G9o+y1MHWQ02WTqeA==

News has been circulating of a critical vulnerability in Chromium that affects Grafana’s Image Renderer and Synthetic Monitoring Agent plugins.

 

Installations and configurations of Grafana provided as part of anything the perfSONAR project distributes do not include these plugins and are not subject to this vulnerability.

 

Those who have customized their Grafana installations to include either plugin should follow the mitigation instructions in the announcement linked above.

 

Please drop us a line if you have comments, questions or concerns.

 

--Mark

 


  • [perfsonar-announce] Recent Grafana Vulnerability, Mark Feit, 07/11/2025

Archive powered by MHonArc 2.6.24.

Top of Page