CNNVD-202508-1424 Information

CNNVD ID

CNNVD-202508-1424

Related CVE

CVE-2025-50946

• CNNVD Published: 2025-08-13

Description (Chinese)

OliveTin是OliveTin开源的一个Web应用。 OliveTin 2025.4.22版本存在安全漏洞，该漏洞源于service/internal/executor/arguments.go中ParseRequestURI函数存在OS命令注入。

Description (English)

Olive Tin is a Web application from Olive Tin Open Source. There is a security loophole in the Olive Tin 2025.4.22 version, which originates from the OS command injection of the ParseRequesturi function in service/international/execuator/arguments.go.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

OliveTin

Published

2025-08-13

Last Modified

2026-02-24

References

https://github.com/chrisWalker11/Cves/blob/main/CVE-2025-50946/CVE-2025-50946.md https://github.com/OliveTin/OliveTin https://github.com/OliveTin/OliveTin/blob/8c073bf45fca6c6eda4e8a9feb182433277343ee/service/internal/executor/arguments.go#L211

Patch

https://github.com/OliveTin/OliveTin/releases