CNNVD-202506-2607 Information

CNNVD ID

CNNVD-202506-2607

Related CVE

CVE-2025-47293

• CNNVD Published: 2025-06-19

Description (Chinese)

PowSyBl Core是PowSyBl开源的一个面向电力系统的软件构建框架。 PowSyBl Core 6.7.2之前版本存在安全漏洞，该漏洞源于XML解析容易受到XML外部实体攻击和服务端请求伪造攻击。

Description (English)

PowSyBl Core is a software construction framework for power systems that is open to PowSyBl. The security gap in the pre-PowSyBl Core 6.7.2 version stems from the XML analysis of vulnerability to attacks from outside XML entities and requests from the service side to forge attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

PowSyBl

Published

2025-06-19

Last Modified

2026-02-24

References

https://nvd.nist.gov/vuln/detail/CVE-2025-47293 https://access.redhat.com/security/cve/cve-2025-47293

Patch

https://github.com/powsybl/powsybl-core/releases