CNNVD-202508-855 Information

CNNVD ID

CNNVD-202508-855

Related CVE

CVE-2025-8794

• CNNVD Published: 2025-08-10

Description (Chinese)

LitmusChaos是Litmus Chaos开源的一个以云原生方式实践混沌工程的程序。 LitmusChaos 3.19.0及之前版本存在安全漏洞，该漏洞源于组件LocalStorage Handler中参数projectID处理不当，可能导致授权绕过。

Description (English)

Litmus Chaos is a cloud-based process for the operation of chaos works in the open source of Litmus Chaos. There is a security loophole in Litmus Chaos 3.19.0 and earlier versions, which stems from the inappropriate handling of the parameter projectID in the LocalStorage Handler component, which may result in the authorization circumvention.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Litmus Chaos

Published

2025-08-10

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.319322 https://vuldb.com/?submit.625982 https://vuldb.com/?id.319322 https://github.com/MaiqueSilva/VulnDB/blob/main/readme04.md https://access.redhat.com/security/cve/cve-2025-8794 https://nvd.nist.gov/vuln/detail/CVE-2025-8794