CNNVD-202508-1472 Information
CNNVD ID
CNNVD-202508-1472
Related CVE
- CNNVD Published: 2025-08-13
Description (Chinese)
Part-DB是Part-DB开源的一个基于 Web 的数据库,用于管理电子元件。 Part-DB 1.17.3之前版本存在安全漏洞,该漏洞源于认证用户可上传误导性扩展名的文件,可能导致用户管理界面拒绝服务。
Description (English)
Part-DB is a web-based database of Part-DB open sources for managing electronic components. A security loophole existed in the pre-Part-DB 1.173 version, which stemmed from the ability of certified users to upload misleading extension files, which could lead to the denial of services by the user management interface.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Part-DB
Published
2025-08-13
Last Modified
2026-02-24
References
https://drive.google.com/file/d/10exp_BS9kRKHrFSPjiA_ZYUVJbHN8doW/view https://github.com/Part-DB/Part-DB-server/commit/d370f976a7b0c19d502aadbaa0f93eb90c2a6ffa https://github.com/Part-DB/Part-DB-server/security/advisories/GHSA-7rv3-rcxv-69ww https://nvd.nist.gov/vuln/detail/CVE-2025-55194
Patch
https://github.com/Part-DB/Part-DB-server/releases
Share on: