grafana-11.3.2-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2025:14681-1 Final 1 1 2025-01-22T00:00:00Z current 2025-01-22T00:00:00Z 2025-01-22T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z grafana-11.3.2-1.1 on GA media These are all security issues fixed in the grafana-11.3.2-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2025-14681 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3L5XBQXUNM6YDZKEI3NWZZ2KPACV7RPK/ E-Mail link for openSUSE-SU-2025:14681-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2024-9476/ SUSE CVE CVE-2024-9476 page openSUSE Tumbleweed grafana-11.3.2-1.1 grafana-11.3.2-1.1 as a component of openSUSE Tumbleweed A vulnerability in Grafana Labs Grafana OSS and Enterprise allows Privilege Escalation allows users to gain access to resources from other organizations within the same Grafana instance via the Grafana Cloud Migration Assistant.This vulnerability will only affect users who utilize the Organizations feature to isolate resources on their Grafana instance. CVE-2024-9476 openSUSE Tumbleweed:grafana-11.3.2-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3L5XBQXUNM6YDZKEI3NWZZ2KPACV7RPK/ https://www.suse.com/security/cve/CVE-2024-9476.html CVE-2024-9476 https://bugzilla.suse.com/1233343 SUSE Bug 1233343