CNNVD-202507-1543 Information
CNNVD ID
CNNVD-202507-1543
Related CVE
- CNNVD Published: 2025-07-10
Description (Chinese)
Chall-Manager是CTFer.io开源的一个开源项目。 Chall-Manager 0.1.4之前版本存在路径遍历漏洞,该漏洞源于解压zip文件时未检查文件路径,可能导致任意文件覆盖。
Description (English)
Challenge-Manager is an open source project for CTFer.io. The previous version of Challenge-Manager 0.1.4 had a loophole in the path, which stemmed from the failure to check the path of the file when it was depressed, which could lead to any document overwhelming.
Hazard Level
Low
Vulnerability Type
路径遍历
Affected Vendor
携程
Published
2025-07-10
Last Modified
2026-02-24
References
https://github.com/ctfer-io/chall-manager/security/advisories/GHSA-3gv2-v3jx-r9fh https://github.com/ctfer-io/chall-manager/commit/47d188fda5e3f86285e820f12ad9fb6f9930662c https://github.com/ctfer-io/chall-manager/releases/tag/v0.1.4 https://access.redhat.com/security/cve/cve-2025-53632 https://nvd.nist.gov/vuln/detail/CVE-2025-53632
Patch
https://github.com/ctfer-io/chall-manager/releases
Share on: