CNNVD-202511-2915 Information

CNNVD ID

CNNVD-202511-2915

CVE-2025-66022

  • CNNVD Published: 2025-11-26

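Description (translated from Chinese)

Faction is an open-source framework from Faction Security for pen-test report generation and assessment collaboration. FACTION versions before 1.7.1 contain a security vulnerability: the extension execution path allows untrusted extension code to execute arbitrary system commands, which may lead to remote code execution.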

Description (English)

Faction is a collaborative framework from Faction Security for report generation and assessment. Versions of FACTION before 1.7.1 contain a security vulnerability that stems from the extension execution path, which allows untrusted extension code to execute arbitrary system commands and could result in remote code execution.

Hazard Level

Low

Vulnerability Type

Other

Affected Vendor

Faction Security

Published

2025-11-26

Last Modified

2026-02-24

References

  • https://github.com/factionsecurity/faction/security/advisories/GHSA-xr72-2g43-586w
  • https://github.com/factionsecurity/faction/commit/c6389f1c76175b7c1c68d1a87b389311b16c62c3
  • https://access.redhat.com/security/cve/cve-2025-66022

Patch

https://github.com/factionsecurity/faction/releases
