CNNVD-202510-4243 Information
CNNVD ID
CNNVD-202510-4243
Related CVE
- CNNVD Published: 2025-10-30
Description (Chinese)
NeuVector是美国NeuVector公司的一套端到端的容器安全平台。该平台包括图像漏洞管理、准入控制和容器进程/文件系统保护等功能。 NeuVector存在信任管理问题漏洞,该漏洞源于未强制执行TLS证书验证且未限制内存加载大小,可能导致中间人攻击和拒绝服务攻击。
Description (English)
NeuVector is an end-to-end container safety platform for NeuVector in the United States. The platform includes features such as image gap management, access control and container process/document system protection. NeuVector has a confidence management gap, which stems from the failure to enforce TLS certification and to limit the size of memory loading, which may lead to attacks by intermediaries and denial of service attacks.
Hazard Level
Medium
Vulnerability Type
信任管理问题
Affected Vendor
NeuVector
Published
2025-10-30
Last Modified
2026-02-24
References
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54470 https://github.com/neuvector/neuvector/security/advisories/GHSA-qqj3-g7mx-5p4w
Patch
https://github.com/neuvector/neuvector/releases
Share on: