CNNVD-202511-2231 Information

CNNVD ID

CNNVD-202511-2231

Related CVE

CVE-2025-64408

• CNNVD Published: 2025-11-19

Description (Chinese)

Apache Causeway是Apache基金会的一个Java的快速应用程序开发框架。 Apache Causeway存在安全漏洞，该漏洞源于用户可控URL参数存在Java反序列化漏洞，可能导致远程代码执行。

Description (English)

Apache Causeway is a Java fast-track application development framework for the Apache Foundation. There is a security loophole in Apache Causeway, which stems from the fact that the user-controlled URL parameter has a Java back-sequencing loophole that may lead to remote code execution.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

阿帕奇

Published

2025-11-19

Last Modified

2026-02-24

References

http://www.openwall.com/lists/oss-security/2025/11/19/1 https://lists.apache.org/thread/rjlg4spqhmgy1xgq9wq5h2tfnq4pm70b https://access.redhat.com/security/cve/cve-2025-64408

Patch

https://causeway.apache.org/docs/latest/downloads/how-to.html