CNNVD-202508-817 Information

CNNVD ID

CNNVD-202508-817

Related CVE

CVE-2025-55152

• CNNVD Published: 2025-08-09

Description (Chinese)

oak是oak开源的一个中间件框架。 oak 17.1.5及之前版本存在安全漏洞，该漏洞源于x-forwarded-proto或x-forwarded-for标头的特制值可能导致服务器性能下降。

Description (English)

oak is an intermediate framework for an oak open source. oak 17.1.5 and previous versions contain a security loophole, which stems from the unique value of x-forwarded-proto or x-forwarded-for header, which may lead to a decrease in server performance.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

oak

Published

2025-08-09

Last Modified

2026-02-24

References

https://github.com/oakserver/oak/security/advisories/GHSA-r3v7-pc4g-7xp9 https://github.com/oakserver/oak/commit/b60e60330ef227707c4dc13ef0ea36192d894f44 https://access.redhat.com/security/cve/cve-2025-55152

Patch

https://github.com/oakserver/oak