CNNVD-202511-2338 Information

CNNVD ID

CNNVD-202511-2338

Related CVE

CVE-2025-34320

• CNNVD Published: 2025-11-20

Description (Chinese)

BASIS BBj是美国BASIS公司的一个语言环境。 BASIS BBj 25.00之前版本存在安全漏洞，该漏洞源于未正确验证或规范化输入路径段，可能导致目录遍历攻击。

Description (English)

BASIS BBj is a language environment for BASIS in the United States. There is a security loophole in the pre-BASIS BBj 25.00 version, which stems from incorrect validation or regularization of input path segments, which could lead to a catalogue attack.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

BASIS

Published

2025-11-20

Last Modified

2026-02-24

References

https://myemail.constantcontact.com/BASIS-International-Ltd–releases-BBj—the-Barista–Application-Framework–and-AddonSoftware–by-Barista-version-25-00.html?soid=1103463119019&aid=WbfWkReLRVE https://www.vulncheck.com/advisories/basis-bbj-unauthenticated-arbitrary-file-read-rce https://access.redhat.com/security/cve/cve-2025-34320

Patch

https://myemail.constantcontact.com/BASIS-International-Ltd--releases-BBj---the-Barista--Application-Framework--and-AddonSoftware--by-Barista-version-25-00.html?soid=1103463119019&aid=WbfWkReLRVE