CNNVD-202507-1546 Information
CNNVD ID
CNNVD-202507-1546
Related CVE
- CNNVD Published: 2025-07-10
Description (Chinese)
Chall-Manager是CTFer.io开源的一个开源项目。 Chall-Manager 0.1.4之前版本存在安全漏洞,该漏洞源于HTTP网关未设置超时,可能导致慢速loris攻击引发拒绝服务。
Description (English)
Challenge-Manager is an open source project for CTFer.io. The previous version of Challenge-Manager 0.1.4 had a security loophole, which stemmed from the fact that the HTTP gateway had not been timed out, which could have led to a slow-speed loris attack causing the denial of services.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
携程
Published
2025-07-10
Last Modified
2026-02-24
References
https://github.com/ctfer-io/chall-manager/commit/1385bd869142651146cd0b123085f91cec698636 https://github.com/ctfer-io/chall-manager/security/advisories/GHSA-ggmv-j932-q89q https://github.com/ctfer-io/chall-manager/releases/tag/v0.1.4 https://nvd.nist.gov/vuln/detail/CVE-2025-53634 https://access.redhat.com/security/cve/cve-2025-53634
Patch
https://github.com/ctfer-io/chall-manager/releases
Share on: