CNNVD-202511-115 Information
CNNVD ID
CNNVD-202511-115
Related CVE
- CNNVD Published: 2025-11-04
Description (Chinese)
LinkAce是Kevin Woblick个人开发者的一个自托管档案库,用于收集您最喜爱的网站的链接。 LinkAce 2.3.0及之前版本存在代码问题漏洞,该漏洞源于未验证用户提供的URL目标是否为内部或私有网络资源,可能导致服务器端请求伪造攻击。
Description (English)
LinkAce is a self-hosted archive of Kevin Woblick personal developers to collect links to your favorite website. LinkAce 2.3.0 and previous versions had a code problem gap, which stemmed from the failure to verify whether the URLs provided by the users were internal or private network resources, which could result in the server requesting a false attack.
Hazard Level
Critical
Vulnerability Type
代码问题
Affected Vendor
个人开发者
Published
2025-11-04
Last Modified
2026-02-24
References
https://github.com/Kovah/LinkAce/commit/4e0b822163ccefc2640c283ae969a39e673a0619 https://github.com/Kovah/LinkAce/security/advisories/GHSA-473x-rmm6-mc8c http://github.com/Kovah/LinkAce/releases/tag/v2.4.0 https://access.redhat.com/security/cve/cve-2025-62719
Patch
https://github.com/Kovah/LinkAce/releases
Share on: