CNNVD-202507-3788 Information

CNNVD ID

CNNVD-202507-3788

Related CVE

CVE-2025-54573

• CNNVD Published: 2025-07-30

Description (Chinese)

CVAT.ai CVAT是CVAT.ai开源的一个数据处理工具。 CVAT.ai CVAT 1.1.0至2.41.0版本存在授权问题漏洞，该漏洞源于未强制进行电子邮件验证，可能导致使用虚假电子邮件地址创建账户和机器人注册。

Description (English)

CVAT.ai CVAT is an open source data-processing tool for CVAT.ai. CVAT.ai CVAT.1.0 to 2.41.0 has a mandate gap, which arises from the lack of mandatory e-mail validation, which may lead to the creation of accounts and robotic registration using false e-mail addresses.

Hazard Level

High

Vulnerability Type

授权问题

Affected Vendor

CVAT.ai

Published

2025-07-30

Last Modified

2026-02-24

References

https://github.com/cvat-ai/cvat/commit/bc20eff16b8406fbb755f6540e6f269da0c9c5b2 https://github.com/cvat-ai/cvat/security/advisories/GHSA-fxgh-m76j-242q

Patch

https://github.com/cvat-ai/cvat/releases