CNNVD-202507-3790 Information
CNNVD ID
CNNVD-202507-3790
Related CVE
-
CNNVD Published: 2025-07-30
Description (Chinese)
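Heimdall is an open-source application dashboard and launcher from LinuxServer.io. Heimdall version 2.6.3-ls307 has a security vulnerability that stems from improper handling of HTTP headers and may lead to host header injection and open redirect attacks.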
Description (English)
Heimdall is an open-source application dashboard and launcher by LinuxServer.io. Heimdall 2.6.3-ls307 contains a security vulnerability caused by improper handling of HTTP headers, which could lead to host header injection and open redirect attacks.
Hazard Level
Low
Vulnerability Type
Other
Affected Vendor
LinuxServer.io
Published
2025-07-30
Last Modified
2026-02-24
References
https://medium.com/@juanfelipeoz.rar/cve-2025-50578-exploiting-host-header-injection-open-redirect-in-heimdall-application-733afceff2ea
https://github.com/linuxserver/Heimdall
https://github.com/linuxserver/Heimdall/issues/1451
https://nvd.nist.gov/vuln/detail/CVE-2025-50578
https://access.redhat.com/security/cve/cve-2025-50578
Patch
https://github.com/linuxserver/Heimdall/releases