CNNVD-202507-1545 Information
CNNVD ID
CNNVD-202507-1545
Related CVE
- CNNVD Published: 2025-07-10
Description (Chinese)
Chall-Manager是CTFer.io开源的一个开源项目。 Chall-Manager 0.1.4之前版本存在安全漏洞,该漏洞源于解压zip文件时未检查内容大小,可能导致zip炸弹解压。
Description (English)
Challenge-Manager is an open source project for CTFer.io. The previous version of Challenge-Manager 0.1.4 had a security loophole, which stemmed from the failure to check the size of the zip file, which could lead to the zip bomb.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
携程
Published
2025-07-10
Last Modified
2026-02-24
References
https://github.com/ctfer-io/chall-manager/security/advisories/GHSA-r7fm-3pqm-ww5w https://github.com/ctfer-io/chall-manager/commit/14042aa66a577caee777e10fe09adcf2587d20dd https://github.com/ctfer-io/chall-manager/releases/tag/v0.1.4 https://access.redhat.com/security/cve/cve-2025-53633 https://nvd.nist.gov/vuln/detail/CVE-2025-53633
Patch
https://github.com/ctfer-io/chall-manager/releases
Share on: