CNNVD-202509-171 Information
Sep 02, 2025
cve
CNNVD ID
CNNVD-202509-171
Related CVE
- CNNVD Published: 2025-09-02
Description (Chinese)
Bevy Event是美国Bevy公司的一种Bevy引擎中的通信机制。 Bevy Event 2025-07-22及之前版本存在安全漏洞,该漏洞源于SSO配置不当,可能导致账户接管。
Description (English)
Bevy Event is a communication mechanism in a Bevy engine of the United States company Bevy. Bevy Event 2025-07-22 and previous versions had a security loophole, which stemmed from the inappropriate configuration of SSO, which could lead to the account being taken over.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Bevy
Published
2025-09-02
Last Modified
2026-02-24
References
https://www.youtube.com/watch?v=wbmIvA09Ra8 https://gist.github.com/deep1chil/558e8da919690a634bec684e7c4d0ffe https://bevy.com/b/events-and-groups https://nvd.nist.gov/vuln/detail/CVE-2025-54599 https://access.redhat.com/security/cve/cve-2025-54599
Share on: