CNNVD-202508-940 Information
Aug 11, 2025
cve
CNNVD ID
CNNVD-202508-940
Related CVE
- CNNVD Published: 2025-08-11
Description (Chinese)
YugabyteDB是美国Yugabyte公司的一款用于云原生应用程序的高性能事务性分布式 SQL 数据库。 YugabyteDB存在安全漏洞,该漏洞源于/metamaster/universe API端点身份验证不足,可能导致获取服务器网络配置信息。
Description (English)
YugabyteDB is a high-performance service distribution SQL database for cloud-based applications from Yugabyte, United States. There is a security loophole in YugabyteDB, which stems from inadequate identification of/metal/universe API endpoints, which may lead to access to server network configuration information.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Yugabyte
Published
2025-08-11
Last Modified
2026-02-24
References
https://docs.yugabyte.com/preview/secure/vulnerability-disclosure-policy/
Patch
https://github.com/yugabyte/yugabyte-db/releases
Share on: