CNNVD-202506-1836 Information
CNNVD ID
CNNVD-202506-1836
Related CVE
- CNNVD Published: 2025-06-15
Description (Chinese)
Ping Identity PingFederate是美国Ping Identity公司的一个基于软件的旗舰联合服务器。用于身份管理。 Ping Identity PingFederate存在安全漏洞,该漏洞源于对非200 HTTP响应处理不当,可能导致线程耗尽。
Description (English)
Ping Identity PingFederate is a software-based combined server for Ping Identity. For identity management. There is a security loophole in Ping Infrastructure PingFederate, which stems from the inappropriate handling of non-200 HTTP responses, which could lead to the depletion of the thread.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Ping Identity
Published
2025-06-15
Last Modified
2026-02-24
References
https://www.pingidentity.com/en/resources/downloads/pingfederate.html https://docs.pingidentity.com/integrations/google/google_login_integration_kit/pf_google_cic_changelog.html https://access.redhat.com/security/cve/cve-2025-22854
Patch
https://www.pingidentity.com/en/resources/downloads/pingfederate.html
Share on: