CNNVD-202508-2040 Information

CNNVD ID

CNNVD-202508-2040

Related CVE

CVE-2025-55299

• CNNVD Published: 2025-08-18

Description (Chinese)

VaulTLS是Emily Ehlert个人开发者的一款现代化的解决方案，可轻松管理 mTLS（双向 TLS）证书。 VaulTLS 0.9.1之前版本存在安全漏洞，该漏洞源于空密码设置和API登录绕过，可能导致未授权访问。

Description (English)

VaulTLS is a modern solution for Emily Ehlert’s personal developer, who can easily manage mTLS certificates. There was a security loophole in the previous version of VaulTLS 0.9.1, which originated in an empty password setting and through the API login, which could lead to unauthorized access.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-18

Last Modified

2026-02-24

References

https://github.com/7ritn/VaulTLS/commit/6ac0a43a768f1753f6889ba43f914e773a4b45c0 https://github.com/7ritn/VaulTLS/security/advisories/GHSA-pjfr-pj3h-cw8m https://nvd.nist.gov/vuln/detail/CVE-2025-55299

Patch

https://github.com/7ritn/VaulTLS/releases