CNNVD-202511-2340 Information

CNNVD ID

CNNVD-202511-2340

Related CVE

CVE-2025-13425

• CNNVD Published: 2025-11-20

Description (Chinese)

OSV-SCALIBR是Google开源的一个软件组合分析库。 OSV-SCALIBR存在安全漏洞，该漏洞源于文件系统遍历路径错误，可能导致应用程序崩溃。

Description (English)

OSV-SCALIBR is an open-source software portfolio analysis library for Google. OSV-SCALIBR has a security loophole, which stems from the error of the file system ’ s routing, which could cause the application to collapse.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

谷歌

Published

2025-11-20

Last Modified

2026-02-24

References

https://github.com/google/osv-scalibr/commit/e67c4e198ca099cb7c16957a80f6c5331d90a672

Patch

https://github.com/google/osv-scalibr/releases