Primary

Context

Grafana Zabbix Plugin Regular Expression Denial-of-Service Vulnerability

Vulnerability

A regular expression denial-of-service (ReDoS) vulnerability has been identified in the Grafana Zabbix plugin, specifically in versions 5.2.1 and earlier. This vulnerability arises from user-supplied regular expression queries that can cause excessive CPU usage, potentially leading to performance degradation. The issue has been addressed in version 6.0.0 of the plugin.

Impact

Exploitation of this vulnerability can cause a significant increase in CPU usage, leading to performance issues on the affected system.

Remediation

Users can upgrade to Grafana Zabbix Plugin version 6.0.0 or later to address this vulnerability.

Added: Sep 19, 2025, 10:18 AM

Updated: Sep 19, 2025, 4:21 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Grafana Zabbix Plugin Regular Expression Denial-of-Service Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating