CNNVD-202509-1048 Information

Sep 08, 2025 cve

CNNVD ID

CNNVD-202509-1048

CVE-2025-57816

  • CNNVD Published: 2025-09-08

Description (Chinese)

Fides是Ethyca开源的一个开源隐私工程平台,用于管理运行时环境中数据隐私请求的实现以及代码中隐私法规的执行。 Fides 2.69.1之前版本存在安全漏洞,该漏洞源于IP速率限制在CDN或代理环境下失效,可能导致拒绝服务攻击。

Description (English)

Fides is an open source privacy engineering platform for the Ethyca Open Source to manage the implementation of data privacy requests in the running-time environment and the enforcement of privacy regulations in codes. There was a security loophole in the pre-Fides 2.691 version, which stemmed from the failure of the IP speed limit in the CDN or proxy environment, which could lead to a denial of service attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Ethyca

Published

2025-09-08

Last Modified

2026-02-24

References

https://github.com/ethyca/fides/releases/tag/2.69.1 https://github.com/ethyca/fides/security/advisories/GHSA-fq34-xw6c-fphf https://github.com/ethyca/fides/commit/59903c195e2f9f8915a1db94950aefd557033a5c https://access.redhat.com/security/cve/cve-2025-57816

Patch

https://github.com/ethyca/fides/releases

Share on: