CNNVD-202508-2029 Information

CNNVD ID

CNNVD-202508-2029

Related CVE

CVE-2025-54234

• CNNVD Published: 2025-08-18

Description (Chinese)

Adobe ColdFusion是美国奥多比（Adobe）公司的一套快速应用程序开发平台。该平台包括集成开发环境和脚本语言。 Adobe ColdFusion 2025.1、2023.13、2021.19及之前版本存在代码问题漏洞，该漏洞源于服务端请求伪造漏洞，可能导致有限文件系统读取。

Description (English)

Adobe ColdFusion is a fast-track application development platform for Adobe in the United States. The platform includes an integrated development environment and script language. Adobe ColdFusion 2025.1, 2023.13, 2021.19 and previous versions had a code gap, which stemmed from a false loophole in service requests, which could lead to limited access to document systems.

Hazard Level

Critical

Vulnerability Type

代码问题

Affected Vendor

奥多比

Published

2025-08-18

Last Modified

2026-02-24

References

https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html https://nvd.nist.gov/vuln/detail/CVE-2025-54234

Patch

https://helpx.adobe.com/security/products/coldfusion/apsb25-52.html