CNNVD-202510-3427 Information

CNNVD ID

CNNVD-202510-3427

Related CVE

CVE-2025-46183

• CNNVD Published: 2025-10-24

Description (Chinese)

pgCodeKeeper是pgCodeKeeper开源的一个用于数据库模式管理的Eclipse插件。 pgCodeKeeper 10.12.0版本存在安全漏洞，该漏洞源于Utils.deserialize函数处理来自不可信源的序列化数据，可能导致执行任意代码或其他恶意行为。

Description (English)

pgCodeKeeper is an Eclipse plugin for database model management at pgCodeKeeper open source. There is a security loophole in version 10.12.0 of pgCodeKeeper, which originates from the Utils.deserialize function, which handles sequenced data from untrustworthy sources and may lead to the execution of arbitrary codes or other malicious acts.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

pgCodeKeeper

Published

2025-10-24

Last Modified

2026-02-24

References

https://github.com/hacktimepro/vulnerabilities/blob/main/Disclosure_CVE-2025-46183_pgcodekeeper.md

Patch

https://github.com/pgcodekeeper/pgcodekeeper/releases