CLSA-2026-1772448200

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1772448200.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1772448200
Upstream
Published
2026-03-02T10:43:24Z
Modified
2026-06-01T00:32:41.728640750Z
Summary
grafana: Fix of 3 CVEs
Details
  • rebuild with golang 1.25.7 which fixes the following CVEs -
  • CVE-2025-61726: fix DoS due to memory exhaustion flaw in net/url parameter parsing
  • CVE-2025-61728: fix DoS due to CPU exhaustion flaw in archive/zip indexing
  • CVE-2025-61729: fix DoS due to CPU exhaustion flaw in crypto/x509 certificate validation
References

Affected packages

TuxCare:AlmaLinux:9.6 / grafana

Package

Name
grafana
Purl
pkg:rpm/tuxcare/grafana?distro=almalinux-9.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10.2.6-15.el9_6.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1772448200.json"

TuxCare:AlmaLinux:9.6 / grafana-selinux

Package

Name
grafana-selinux
Purl
pkg:rpm/tuxcare/grafana-selinux?distro=almalinux-9.6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
10.2.6-15.el9_6.tuxcare.els2

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.6esu/CLSA-2026-1772448200.json"