CNNVD-202507-085 Information

CNNVD ID

CNNVD-202507-085

Related CVE

CVE-2025-53104

• CNNVD Published: 2025-07-01

Description (Chinese)

gluestack-ui是gluestack开源的一个软件。 gluestack-ui e6b4271之前版本存在命令注入漏洞，该漏洞源于discussion-to-slack.yml工作流存在命令注入。

Description (English)

gluestack-ui is a gluestack open source software. The pre-gluestack-ui e6b4271 version had a command-injecting loophole, which originated from the presence of a command-to-slack.yml workflow.

Hazard Level

Low

Vulnerability Type

命令注入

Affected Vendor

gluestack

Published

2025-07-01

Last Modified

2026-02-24

References

https://github.com/gluestack/gluestack-ui/security/advisories/GHSA-432r-9455-7f9x https://github.com/gluestack/gluestack-ui/commit/e6b427150b35e97a089ea10409de8c5c52f8a7b9 https://access.redhat.com/security/cve/cve-2025-53104

Patch

https://gluestack.io/