CNNVD-202509-4266 Information
CNNVD ID
CNNVD-202509-4266
Related CVE
- CNNVD Published: 2025-09-27
Description (Chinese)
phonenumber是Whisperfish开源的一个用于解析、格式化和验证国际电话号码的库。 phonenumber 1.2.2之前版本存在安全漏洞,该漏洞源于phonenumbers.Parse函数未正确验证输入语法,可能导致越界访问错误。
Description (English)
phone Nuber is a library of open sources of Whisperfish for the resolution, formatting and validation of international telephone numbers. There is a security loophole in the previous version of version 1.2.2, which stems from the incorrect validation of input syntax in the phonenumbers.Parse function, which may result in cross-border access errors.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Whisperfish
Published
2025-09-27
Last Modified
2026-02-24
References
https://github.com/nyaruka/phonenumbers/commit/0479e35488e8a002a261cdb515ef8a7f80ca37fe https://github.com/nyaruka/phonenumbers/issues/148 https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMNYARUKAPHONENUMBERS-6084070
Patch
https://github.com/nyaruka/phonenumbers/releases
Share on: