CNNVD-202507-1918 Information

CNNVD ID

CNNVD-202507-1918

Related CVE

CVE-2025-53885

• CNNVD Published: 2025-07-14

Description (Chinese)

Directus是Directus开源的一个实时 Api 和应用程序仪表板。用于管理 Sql 数据库内容。 Directus 9.0.0至11.9.0之前版本存在日志信息泄露漏洞，该漏洞源于日志记录敏感数据，可能导致数据泄露。

Description (English)

Directus is a real-time Api and application dashboard from Directus open source. To manage Sql database content. Directus 9.0.0 to 11.9.0 pre-versions contain log information leaks, which originate from log records of sensitive data and may lead to data leaks.

Hazard Level

High

Vulnerability Type

日志信息泄露

Affected Vendor

Directus

Published

2025-07-14

Last Modified

2026-02-24

References

https://github.com/directus/directus/security/advisories/GHSA-x3vm-88hf-gpxp https://github.com/directus/directus/releases/tag/v11.9.0 https://github.com/directus/directus/pull/25355 https://github.com/directus/directus/commit/859f664f56fb50401c407b095889cea38ff580e5 https://access.redhat.com/security/cve/cve-2025-53885 https://nvd.nist.gov/vuln/detail/CVE-2025-53885

Patch

https://github.com/directus/directus/releases