CNNVD-202509-163 Information

CNNVD ID

CNNVD-202509-163

Related CVE

CVE-2025-55472

• CNNVD Published: 2025-09-02

Description (Chinese)

tirreno是tirreno开源的一个安全分析软件。 Tirreno v0.9.5版本存在安全漏洞，该漏洞源于columns[0][data]参数处理不当，可能导致SQL注入攻击。

Description (English)

tirreno is a security analysis software from the open source of tirreno. There is a security loophole in version Tirreno v. 0.9.5, which stems from the mishandling of the columns [0] [data] parameters, which could lead to an SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

tirreno

Published

2025-09-02

Last Modified

2026-02-24

References

https://github.com/tirrenotechnologies/tirreno/releases/tag/v0.9.6 https://cyberducky.medium.com/blind-sql-injection-found-in-tirreno-security-analytics-cbd791cec1c0 https://nvd.nist.gov/vuln/detail/CVE-2025-55472 https://access.redhat.com/security/cve/cve-2025-55472

Patch

https://github.com/tirrenotechnologies/tirreno/releases