CNNVD-202509-1178 Information

Sep 09, 2025 cve

CNNVD ID

CNNVD-202509-1178

CVE-2025-58442

  • CNNVD Published: 2025-09-09

Description (Chinese)

saleor是Saleor Commerce开源的一个接口软件。 Saleor 3.21.0至3.21.16之前版本存在安全漏洞,该漏洞源于错误处理不当,可能导致用户信息泄露。

Description (English)

Saleor is an interface to the opening source of Saleor Commerce. Prior to Saleor 3.21.0 to 3.21.16, there was a security loophole, which stemmed from mishandling and could lead to the disclosure of user information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Saleor Commerce

Published

2025-09-09

Last Modified

2026-02-24

References

https://github.com/saleor/saleor/commit/09d671e91ea53a44352d5f685083dc05a2f55e95 https://github.com/saleor/saleor/releases/tag/3.21.16 https://github.com/saleor/saleor/commit/b35783838e51cfc118e07d632f64b01bc3a2c4bb https://github.com/saleor/saleor/security/advisories/GHSA-8w67-mfm5-fwx5 https://access.redhat.com/security/cve/cve-2025-58442

Patch

https://github.com/saleor/saleor/releases

Share on: