CNNVD-202509-1490 Information

Sep 10, 2025 cve

CNNVD ID

CNNVD-202509-1490

CVE-2025-59049

CNNVD Published: 2025-09-10

Description (Chinese)

Mockoon是mockoon开源的一个接口软件。 Mockoon 9.2.0之前版本存在安全漏洞，该漏洞源于静态文件服务配置中存在路径遍历和本地文件包含漏洞。

Description (English)

Mockoon is an interface for mockoon open source. There is a security loophole in the previous version of Mockoon 9.2. This leak stems from the existence of a path through the static file service configuration and a gap in local files.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

mockoon

Published

2025-09-10

Last Modified

2026-02-24

References

https://github.com/mockoon/mockoon/blob/1ed31c4059d7f757f6cb2a43e10dc81b0d9c55a9/packages/commons-server/src/libs/server/server.ts#L1400 https://github.com/mockoon/mockoon/blob/1ed31c4059d7f757f6cb2a43e10dc81b0d9c55a9/packages/commons-server/src/libs/server/server.ts#L1551 https://github.com/mockoon/mockoon/commit/c7f6e23e87dc3b8cc44e5802af046200a797bd2e https://github.com/mockoon/mockoon/security/advisories/GHSA-w7f9-wqc4-3wxr

Patch

https://mockoon.com/

Share on: