CNNVD-202511-1592 Information
CNNVD ID
CNNVD-202511-1592
Related CVE
- CNNVD Published: 2025-11-13
Description (Chinese)
PrivateBin是PrivateBin项目的一个极简的开源在线粘贴箱。 PrivateBin 1.7.7版本至2.0.3之前版本存在安全漏洞,该漏洞源于模板切换功能存在本地文件包含,可能导致读取敏感数据或远程代码执行。
Description (English)
PrivateBin is a very simple, open-source online sticker for the PrivateBin project. There is a security loophole in the pre-PreviateBin 1.7.7 to 2.0.3 versions, which stems from the fact that the template switch function is contained in a local file and may lead to the reading of sensitive data or remote code execution.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
PrivateBin
Published
2025-11-13
Last Modified
2026-02-24
References
https://github.com/PrivateBin/PrivateBin/commit/4434dbf73ac53217fda0f90d8cf9b6110f8acc4f https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-g2j9-g8r5-rg82 https://access.redhat.com/security/cve/cve-2025-64714
Patch
https://github.com/PrivateBin/PrivateBin/releases
Share on: