CNNVD-202509-3680 Information

CNNVD ID

CNNVD-202509-3680

Related CVE

CVE-2025-9844

• CNNVD Published: 2025-09-23

Description (Chinese)

Salesforce CLI是美国Salesforce公司的一个和Salesforce平台交互的命令行工具。 Salesforce CLI 2.106.6之前版本存在安全漏洞，该漏洞源于未控制的搜索路径元素，可能导致替换可信可执行文件。

Description (English)

Salesforce CLI is an interactive command-line tool between Salesforce and Salesforce platforms in the United States. There was a security loophole in the previous version of Salesforce CLI 2.106.6, which originated from uncontrolled search path elements and could lead to the replacement of credible enforceable documents.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Salesforce

Published

2025-09-23

Last Modified

2026-02-24

References

https://help.salesforce.com/s/articleView?id=005224301&type=1 https://access.redhat.com/security/cve/cve-2025-9844

Patch

https://help.salesforce.com/s/articleView?id=005224301&type=1