CNNVD-202510-2094 Information
CNNVD ID
CNNVD-202510-2094
Related CVE
- CNNVD Published: 2025-10-15
Description (Chinese)
Frigate是Blake Blackshear个人开发者的一款专为具有 AI 对象检测功能的家庭助理设计的完整本地 NVR。 Frigate 0.16.2之前版本存在安全漏洞,该漏洞源于导出工作流允许操作员指定任意文件系统位置作为视频导出的缩略图源,可能导致任意文件读取和信息泄露。
Description (English)
Frigate is a complete local NVR designed by Blake Blackshead’s personal developer for family assistants with AI object detection. The security loophole in the pre-Frigate 0.16.2 version stems from the fact that the export workflow allows operators to assign any file system location as a source of thumbnails exported by video, which may lead to any document reading and information leak.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-10-15
Last Modified
2026-02-24
References
https://github.com/blakeblackshear/frigate/commit/d7f7cd7be16bfe7a12766b797da6b8add687ccd9 https://github.com/blakeblackshear/frigate/security/advisories/GHSA-8gv4-5jr9-v96j https://access.redhat.com/security/cve/cve-2025-62382
Patch
https://github.com/blakeblackshear/frigate/releases
Share on: