CNNVD-202508-857 Information
CNNVD ID
CNNVD-202508-857
Related CVE
- CNNVD Published: 2025-08-10
Description (Chinese)
LitmusChaos是Litmus Chaos开源的一个以云原生方式实践混沌工程的程序。 LitmusChaos 3.19.0及之前版本存在安全漏洞,该漏洞源于文件/auth/delete_project中参数projectID缺少授权,可能导致远程攻击。
Description (English)
Litmus Chaos is a cloud-based process for the operation of chaos works in the open source of Litmus Chaos. There is a security loophole in Litmus Chaos 3.19.0 and earlier versions, which stems from the lack of authorization for the parameter projectID in the document/auth/delete project, which could lead to a long-range attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Litmus Chaos
Published
2025-08-10
Last Modified
2026-02-24
References
https://vuldb.com/?ctiid.319324 https://github.com/MaiqueSilva/VulnDB/blob/main/readme06.md https://vuldb.com/?id.319324 https://vuldb.com/?submit.625989 https://access.redhat.com/security/cve/cve-2025-8796 https://nvd.nist.gov/vuln/detail/CVE-2025-8796
Share on: