CNNVD-202508-3309 Information
CNNVD ID
CNNVD-202508-3309
Related CVE
- CNNVD Published: 2025-08-28
Description (Chinese)
Valtimo是荷兰Valtimo开源的一个业务流程自动化的低代码平台。 Valtimo 12.16.0.RELEASE和13.1.2.RELEASE之前版本存在安全漏洞,该漏洞源于管理员可能通过流程定义访问敏感数据或资源。
Description (English)
Valtimo is a low-code platform for business process automation from the open source of Valtimo in the Netherlands. Valtimo 12.16.RELEASE and 13.1.2. RELEASE pre-versions contain a security loophole that stems from the possibility for administrators to access sensitive data or resources through process definition.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
Valtimo
Published
2025-08-28
Last Modified
2026-02-24
References
https://github.com/valtimo-platform/valtimo-backend-libraries/security/advisories/GHSA-w48j-pp7j-fj55 https://github.com/valtimo-platform/valtimo-backend-libraries/commit/45eb60b0b2df5964fb9917295d0dceb1fff8dd85 https://nvd.nist.gov/vuln/detail/CVE-2025-58059
Patch
https://github.com/valtimo-platform/valtimo-backend-libraries/releases
Share on: