CNNVD-202510-2483 Information

CNNVD ID

CNNVD-202510-2483

Related CVE

CVE-2025-62356

• CNNVD Published: 2025-10-17

Description (Chinese)

Qodo Gen是美国Qodo公司的一个代码AI辅助工具。 Qodo Gen存在安全漏洞，该漏洞源于容易受到路径遍历攻击，可能导致读取终端用户系统上的任意本地文件。

Description (English)

Qodo Gen is an AI-aided code for Qodo in the United States. There is a security gap in Qodo Gen, which stems from the vulnerability of the path to attack and may lead to access to any local files on the end-user system.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Qodo

Published

2025-10-17

Last Modified

2026-02-24

References

https://hiddenlayer.com/sai_security_advisor/2025-10-qodogen/ https://access.redhat.com/security/cve/cve-2025-62356