CNNVD-202508-414 Information
CNNVD ID
CNNVD-202508-414
Related CVE
- CNNVD Published: 2025-08-06
Description (Chinese)
Vision UI是David Osipov个人开发者的一个UI组件。 Vision UI 1.4.0及之前版本存在安全漏洞,该漏洞源于generateSecureId和getSecureRandomInt函数存在内存耗尽问题,可能导致拒绝服务攻击。
Description (English)
Vision UI is a UI component of David Osipov’s personal developer. There is a security loophole in the Vision UI 1.4.0 and previous versions, which stems from the RAM depletion of the generateSecureId and GetSecureRandomInt functions, which may lead to the denial of service attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-08-06
Last Modified
2026-02-24
References
https://github.com/DavidOsipov/Vision-ui/commit/74802cd688b661a35e638fc96938d65ca7c05ff5 https://github.com/DavidOsipov/Vision-ui/security/advisories/GHSA-gg28-wc2c-jjj3 https://github.com/DavidOsipov/Vision-ui/releases/tag/1.5.0 https://access.redhat.com/security/cve/cve-2025-54884
Patch
https://github.com/DavidOsipov/Vision-ui/releases
Share on: