The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Prometheus-based datasources. (CVE-2025-3454) Note that Nessus relies on the presence of the package as reported by the vendor. File data…Read More
Linux Distros Unpatched Vulnerability : CVE-2025-3454
