CNNVD-202509-3050 Information

CNNVD ID

CNNVD-202509-3050

Related CVE

CVE-2025-30755

• CNNVD Published: 2025-09-19

Description (Chinese)

Oracle OpenGrok是美国甲骨文（Oracle）公司的一个快速高效的源代码搜索与交叉引用工具，支持多种编程语言，用于大型代码库的导航和分析。 Oracle OpenGrok 1.14.1版本存在安全漏洞，该漏洞源于对revision参数处理不当，可能导致反射型跨站脚本攻击。

Description (English)

Oracle OpenGrok is a fast and efficient source-code search and cross-reference tool for Oracle, which supports multiple programming languages for navigation and analysis in large code libraries. Oracle OpenGrok 1.14.1 has a security loophole, which stems from the mishandling of revision parameters and may lead to a cross-script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

甲骨文

Published

2025-09-19

Last Modified

2026-02-24

References

https://www.oracle.com/security-alerts/all-oracle-cves-outside-other-oracle-public-documents.html https://access.redhat.com/security/cve/cve-2025-30755

Patch

https://github.com/oracle/opengrok/releases