CNNVD-202511-2691 Information

CNNVD ID

CNNVD-202511-2691

Related CVE

CVE-2025-62155

• CNNVD Published: 2025-11-25

Description (Chinese)

New API是QuantumNous开源的一个接口软件。 New API 0.9.6之前版本存在代码问题漏洞，该漏洞源于SSRF修复不完整，302重定向可绕过安全限制。

Description (English)

New API is an interface for QuantumNous open source. New API 0.9.6 has a code problem loophole, which stems from the incompleteness of SSRF repairs and the re-direction of 302 to circumvent security restrictions.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

QuantumNous

Published

2025-11-25

Last Modified

2026-02-24

References

https://github.com/QuantumNous/new-api/security/advisories/GHSA-9f46-w24h-69w4 https://access.redhat.com/security/cve/cve-2025-62155

Patch

https://www.newapi.ai/