CNNVD-202510-3274 Information

CNNVD ID

CNNVD-202510-3274

Related CVE

CVE-2025-62820

• CNNVD Published: 2025-10-23

Description (Chinese)

Slack Nebula是Slack开源的一款可扩展的覆盖网络工具。 Slack Nebula 1.9.7之前版本存在安全漏洞，该漏洞源于某些配置中CIDR处理不当，可能导致接受Nebula网络中的任意源IP地址。

Description (English)

Slack Nebula is a scalable network-covering tool for Slack open source. The previous version of Slack Nebula 1.9.7 had a security loophole, which stemmed from the inappropriate handling of CIDRs in certain configurations, which could lead to acceptance of any source IP address in the Nebula network.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Slack

Published

2025-10-23

Last Modified

2026-02-24

References

https://github.com/slackhq/nebula/pull/1493 https://github.com/slackhq/nebula/pull/1494

Patch

https://github.com/slackhq/nebula/releases