Issued:: 2025-05-13
Updated:: 2025-05-13

RHSA-2025:7475 - Security Advisory

Overview
Updated Packages

Synopsis

Important: grafana security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for grafana is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.

Security Fix(es):

golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing (CVE-2025-30204)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 10 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
Red Hat Enterprise Linux for IBM z Systems 10 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat Enterprise Linux for ARM 64 10 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64

Fixes

BZ - 2354195 - CVE-2025-30204 golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing

CVEs

CVE-2025-30204

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 10

SRPM
grafana-10.2.6-15.el10_0.src.rpm	SHA-256: 780a3aaec6f12788ddb181c3b495324c9a45e707380ad3419d0e1fe61c410d41
x86_64
grafana-10.2.6-15.el10_0.x86_64.rpm	SHA-256: 85e2cc9b6433f5c94601abc35d0182a564ed13e566e75f2a932cf697672ed488
grafana-debuginfo-10.2.6-15.el10_0.x86_64.rpm	SHA-256: 0aa96f5d8726d96a9db65d573b3d101b62c946351102b6c0100ddb21a274a6b8
grafana-debugsource-10.2.6-15.el10_0.x86_64.rpm	SHA-256: 4a1985af5dfde7ca32ee4b5f05c07f65a617598874db25946dd162456fc5a322
grafana-selinux-10.2.6-15.el10_0.x86_64.rpm	SHA-256: e310e6e796dd7cb836747f81413710ad9393ea50901aa5ba45e3378816be10dc

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0

SRPM
grafana-10.2.6-15.el10_0.src.rpm	SHA-256: 780a3aaec6f12788ddb181c3b495324c9a45e707380ad3419d0e1fe61c410d41
x86_64
grafana-10.2.6-15.el10_0.x86_64.rpm	SHA-256: 85e2cc9b6433f5c94601abc35d0182a564ed13e566e75f2a932cf697672ed488
grafana-debuginfo-10.2.6-15.el10_0.x86_64.rpm	SHA-256: 0aa96f5d8726d96a9db65d573b3d101b62c946351102b6c0100ddb21a274a6b8
grafana-debugsource-10.2.6-15.el10_0.x86_64.rpm	SHA-256: 4a1985af5dfde7ca32ee4b5f05c07f65a617598874db25946dd162456fc5a322
grafana-selinux-10.2.6-15.el10_0.x86_64.rpm	SHA-256: e310e6e796dd7cb836747f81413710ad9393ea50901aa5ba45e3378816be10dc

Red Hat Enterprise Linux for IBM z Systems 10

SRPM
grafana-10.2.6-15.el10_0.src.rpm	SHA-256: 780a3aaec6f12788ddb181c3b495324c9a45e707380ad3419d0e1fe61c410d41
s390x
grafana-10.2.6-15.el10_0.s390x.rpm	SHA-256: 9afdca677ab3b28e95d109598b66dfb4093c43a68ac1247e38717830b106fbeb
grafana-debuginfo-10.2.6-15.el10_0.s390x.rpm	SHA-256: 271fba92da7683539ca25d616263a9c6b37481ca6e8d7f306fb665866c3fcc72
grafana-debugsource-10.2.6-15.el10_0.s390x.rpm	SHA-256: 806477127967b1eeb122c6433ac5de942051faed25e30268f13843f0240b52e4
grafana-selinux-10.2.6-15.el10_0.s390x.rpm	SHA-256: 6ca3e4b5708ffb1150c3b47d7b36327bc9a4be69fd1e90dc46d5eef545a0f83b

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0

SRPM
grafana-10.2.6-15.el10_0.src.rpm	SHA-256: 780a3aaec6f12788ddb181c3b495324c9a45e707380ad3419d0e1fe61c410d41
s390x
grafana-10.2.6-15.el10_0.s390x.rpm	SHA-256: 9afdca677ab3b28e95d109598b66dfb4093c43a68ac1247e38717830b106fbeb
grafana-debuginfo-10.2.6-15.el10_0.s390x.rpm	SHA-256: 271fba92da7683539ca25d616263a9c6b37481ca6e8d7f306fb665866c3fcc72
grafana-debugsource-10.2.6-15.el10_0.s390x.rpm	SHA-256: 806477127967b1eeb122c6433ac5de942051faed25e30268f13843f0240b52e4
grafana-selinux-10.2.6-15.el10_0.s390x.rpm	SHA-256: 6ca3e4b5708ffb1150c3b47d7b36327bc9a4be69fd1e90dc46d5eef545a0f83b

Red Hat Enterprise Linux for Power, little endian 10

SRPM
grafana-10.2.6-15.el10_0.src.rpm	SHA-256: 780a3aaec6f12788ddb181c3b495324c9a45e707380ad3419d0e1fe61c410d41
ppc64le
grafana-10.2.6-15.el10_0.ppc64le.rpm	SHA-256: 0e687a58f3bddbb4cfe473a8fde03fad846df0fe0dcd7981feda5ba20a548f8d
grafana-debuginfo-10.2.6-15.el10_0.ppc64le.rpm	SHA-256: 893f40e732431bbaca546c002dba19bd35b9e7277e3e31b413435b614c3845b3
grafana-debugsource-10.2.6-15.el10_0.ppc64le.rpm	SHA-256: af61234e418e19c60f90e87cc57d129affe2e84cd8953add3822f574de84710d
grafana-selinux-10.2.6-15.el10_0.ppc64le.rpm	SHA-256: cab004911f91ed9abea3e9392fd647d6a0e07cbdda78b0b05a57afdad8262eb3

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0

SRPM
grafana-10.2.6-15.el10_0.src.rpm	SHA-256: 780a3aaec6f12788ddb181c3b495324c9a45e707380ad3419d0e1fe61c410d41
ppc64le
grafana-10.2.6-15.el10_0.ppc64le.rpm	SHA-256: 0e687a58f3bddbb4cfe473a8fde03fad846df0fe0dcd7981feda5ba20a548f8d
grafana-debuginfo-10.2.6-15.el10_0.ppc64le.rpm	SHA-256: 893f40e732431bbaca546c002dba19bd35b9e7277e3e31b413435b614c3845b3
grafana-debugsource-10.2.6-15.el10_0.ppc64le.rpm	SHA-256: af61234e418e19c60f90e87cc57d129affe2e84cd8953add3822f574de84710d
grafana-selinux-10.2.6-15.el10_0.ppc64le.rpm	SHA-256: cab004911f91ed9abea3e9392fd647d6a0e07cbdda78b0b05a57afdad8262eb3

Red Hat Enterprise Linux for ARM 64 10

SRPM
grafana-10.2.6-15.el10_0.src.rpm	SHA-256: 780a3aaec6f12788ddb181c3b495324c9a45e707380ad3419d0e1fe61c410d41
aarch64
grafana-10.2.6-15.el10_0.aarch64.rpm	SHA-256: c8bb577612846d9d0b886d8de1fd84917972c6f57b9cb61f5d8bb9e1c51527ba
grafana-debuginfo-10.2.6-15.el10_0.aarch64.rpm	SHA-256: 39c1dcc7ac4735accf4833e5f308c504f82dd2f4351ad92c0d8a63eea6d2b484
grafana-debugsource-10.2.6-15.el10_0.aarch64.rpm	SHA-256: 04a4a5bd8e3a24dd596db539b32f1f96fa8b37d807ad971c33a779b2b763dea6
grafana-selinux-10.2.6-15.el10_0.aarch64.rpm	SHA-256: ebb82242ebcd107d603ea60e6033d5c52d41b39836c5240906046725fd3c4518

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0

SRPM
grafana-10.2.6-15.el10_0.src.rpm	SHA-256: 780a3aaec6f12788ddb181c3b495324c9a45e707380ad3419d0e1fe61c410d41
aarch64
grafana-10.2.6-15.el10_0.aarch64.rpm	SHA-256: c8bb577612846d9d0b886d8de1fd84917972c6f57b9cb61f5d8bb9e1c51527ba
grafana-debuginfo-10.2.6-15.el10_0.aarch64.rpm	SHA-256: 39c1dcc7ac4735accf4833e5f308c504f82dd2f4351ad92c0d8a63eea6d2b484
grafana-debugsource-10.2.6-15.el10_0.aarch64.rpm	SHA-256: 04a4a5bd8e3a24dd596db539b32f1f96fa8b37d807ad971c33a779b2b763dea6
grafana-selinux-10.2.6-15.el10_0.aarch64.rpm	SHA-256: ebb82242ebcd107d603ea60e6033d5c52d41b39836c5240906046725fd3c4518

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0

SRPM
grafana-10.2.6-15.el10_0.src.rpm	SHA-256: 780a3aaec6f12788ddb181c3b495324c9a45e707380ad3419d0e1fe61c410d41
aarch64
grafana-10.2.6-15.el10_0.aarch64.rpm	SHA-256: c8bb577612846d9d0b886d8de1fd84917972c6f57b9cb61f5d8bb9e1c51527ba
grafana-debuginfo-10.2.6-15.el10_0.aarch64.rpm	SHA-256: 39c1dcc7ac4735accf4833e5f308c504f82dd2f4351ad92c0d8a63eea6d2b484
grafana-debugsource-10.2.6-15.el10_0.aarch64.rpm	SHA-256: 04a4a5bd8e3a24dd596db539b32f1f96fa8b37d807ad971c33a779b2b763dea6
grafana-selinux-10.2.6-15.el10_0.aarch64.rpm	SHA-256: ebb82242ebcd107d603ea60e6033d5c52d41b39836c5240906046725fd3c4518

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0

SRPM
grafana-10.2.6-15.el10_0.src.rpm	SHA-256: 780a3aaec6f12788ddb181c3b495324c9a45e707380ad3419d0e1fe61c410d41
s390x
grafana-10.2.6-15.el10_0.s390x.rpm	SHA-256: 9afdca677ab3b28e95d109598b66dfb4093c43a68ac1247e38717830b106fbeb
grafana-debuginfo-10.2.6-15.el10_0.s390x.rpm	SHA-256: 271fba92da7683539ca25d616263a9c6b37481ca6e8d7f306fb665866c3fcc72
grafana-debugsource-10.2.6-15.el10_0.s390x.rpm	SHA-256: 806477127967b1eeb122c6433ac5de942051faed25e30268f13843f0240b52e4
grafana-selinux-10.2.6-15.el10_0.s390x.rpm	SHA-256: 6ca3e4b5708ffb1150c3b47d7b36327bc9a4be69fd1e90dc46d5eef545a0f83b

Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0

SRPM
grafana-10.2.6-15.el10_0.src.rpm	SHA-256: 780a3aaec6f12788ddb181c3b495324c9a45e707380ad3419d0e1fe61c410d41
ppc64le
grafana-10.2.6-15.el10_0.ppc64le.rpm	SHA-256: 0e687a58f3bddbb4cfe473a8fde03fad846df0fe0dcd7981feda5ba20a548f8d
grafana-debuginfo-10.2.6-15.el10_0.ppc64le.rpm	SHA-256: 893f40e732431bbaca546c002dba19bd35b9e7277e3e31b413435b614c3845b3
grafana-debugsource-10.2.6-15.el10_0.ppc64le.rpm	SHA-256: af61234e418e19c60f90e87cc57d129affe2e84cd8953add3822f574de84710d
grafana-selinux-10.2.6-15.el10_0.ppc64le.rpm	SHA-256: cab004911f91ed9abea3e9392fd647d6a0e07cbdda78b0b05a57afdad8262eb3

Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0

SRPM
grafana-10.2.6-15.el10_0.src.rpm	SHA-256: 780a3aaec6f12788ddb181c3b495324c9a45e707380ad3419d0e1fe61c410d41
x86_64
grafana-10.2.6-15.el10_0.x86_64.rpm	SHA-256: 85e2cc9b6433f5c94601abc35d0182a564ed13e566e75f2a932cf697672ed488
grafana-debuginfo-10.2.6-15.el10_0.x86_64.rpm	SHA-256: 0aa96f5d8726d96a9db65d573b3d101b62c946351102b6c0100ddb21a274a6b8
grafana-debugsource-10.2.6-15.el10_0.x86_64.rpm	SHA-256: 4a1985af5dfde7ca32ee4b5f05c07f65a617598874db25946dd162456fc5a322
grafana-selinux-10.2.6-15.el10_0.x86_64.rpm	SHA-256: e310e6e796dd7cb836747f81413710ad9393ea50901aa5ba45e3378816be10dc

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation