CNNVD-202511-2317 Information
Nov 20, 2025
cve
CNNVD ID
CNNVD-202511-2317
Related CVE
- CNNVD Published: 2025-11-20
Description (Chinese)
Open OnDemand是Ohio Supercomputer Center开源的一个通过Web实现开放式交互式HPC的软件。 Open OnDemand 4.0.8之前版本和3.1.16之前版本存在安全漏洞,该漏洞源于GEM_PATH中存在全局可写位置。
Description (English)
Open OnDemand is an open interactive HPC software from the Open Supercomputer Center open source through Web. There is a security loophole in Open OnDemand before 4.0.8 and before 3.1.16, which stems from the global writeable position in GEM PATH.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Ohio Supercomputer Center
Published
2025-11-20
Last Modified
2026-02-24
References
https://github.com/OSC/ondemand/security/advisories/GHSA-r2cg-hg78-gq9p
Patch
https://github.com/OSC/ondemand/releases
Share on: