CNNVD-202507-164 Information

CNNVD ID

CNNVD-202507-164

Related CVE

CVE-2025-45424

• CNNVD Published: 2025-07-02

Description (Chinese)

Xinference是奋进的小杨个人开发者的一个应用程序。 Xinference 1.4.0之前版本存在安全漏洞，该漏洞源于访问控制不当，可能导致未授权访问Web GUI。

Description (English)

Xinference is an application for the personal developer of Young. There was a security loophole in previous version 1.4.0, which stemmed from inadequate access controls and could lead to unauthorized access to Web GUI.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Live Support

Published

2025-07-02

Last Modified

2026-02-24

References

https://github.com/honysyang/Xinference/blob/main/Xinference_Web/Xinference_Web_EN.docx https://github.com/honysyang/Xinference/tree/main/Xinference_Web https://access.redhat.com/security/cve/cve-2025-45424

Patch

https://github.com/xorbitsai/inference/releases