CNNVD-202508-851 Information
CNNVD ID
CNNVD-202508-851
Related CVE
- CNNVD Published: 2025-08-10
Description (Chinese)
LitmusChaos是Litmus Chaos开源的一个以云原生方式实践混沌工程的程序。 LitmusChaos 3.19.0及之前版本存在安全漏洞,该漏洞源于文件/auth/list_projects中参数role处理不当,可能导致授权不当。
Description (English)
Litmus Chaos is a cloud-based process for the operation of chaos works in the open source of Litmus Chaos. There is a security loophole in Litmus Chaos 3.19.0 and earlier versions, which stems from the inappropriate handling of the role parameter in the document/auth/list projects, which may lead to the improper delegation of authority.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Litmus Chaos
Published
2025-08-10
Last Modified
2026-02-24
References
https://vuldb.com/?submit.625949 https://vuldb.com/?id.319319 https://github.com/MaiqueSilva/VulnDB/blob/main/readmi1.md https://vuldb.com/?ctiid.319319 https://nvd.nist.gov/vuln/detail/CVE-2025-8791 https://access.redhat.com/security/cve/cve-2025-8791
Share on: