CNNVD-202509-1471 Information

CNNVD ID

CNNVD-202509-1471

Related CVE

CVE-2025-58755

• CNNVD Published: 2025-09-09

Description (Chinese)

MONAI是Project MONAI开源的一个医疗成像AI工具包。 MONAI 1.5.0及之前版本存在路径遍历漏洞，该漏洞源于extractall函数处理不当，可能导致系统文件覆盖。

Description (English)

MONAI is a medical imaging AI toolkit from Project MONAI Open Source. MONAI 1.5.0 and previous versions have a loophole in the path, which stems from the inappropriate handling of the extractall function, which may result in system file overlay.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

Project MONAI

Published

2025-09-09

Last Modified

2026-02-24

References

https://github.com/Project-MONAI/MONAI/security/advisories/GHSA-x6ww-pf9m-m73m https://access.redhat.com/security/cve/cve-2025-58755