CNNVD-202511-2941 Information
CNNVD ID
CNNVD-202511-2941
Related CVE
- CNNVD Published: 2025-11-27
Description (Chinese)
Apache CloudStack是美国阿帕奇(Apache)基金会的一套基础架构即服务(IaaS)云计算平台。该平台主要用于部署和管理大型虚拟机网络。 Apache CloudStack 4.18.0版本至4.20.2之前版本和4.21.0版本至4.22.0之前版本存在安全漏洞,该漏洞源于代码生成控制不当,可能导致代码注入攻击。
Description (English)
Apache CloudStack is a basic infrastructure of the Apache Foundation in the United States, i.e., the Iaas cloud computing platform. The platform is used primarily for the deployment and management of a large virtual network. There is a security loophole between Appache CloudStack versions 4.18.0 and 4.21.0 and 4.22.0, which arises from inadequate code generation controls, which may lead to code injection attacks.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
阿帕奇
Published
2025-11-27
Last Modified
2026-02-24
References
https://lists.apache.org/thread/kwwsg2j85f1b75o0ht5zbr34d7h66788 http://www.openwall.com/lists/oss-security/2025/11/27/2 https://access.redhat.com/security/cve/cve-2025-59302
Patch
https://cloudstack.apache.org/
Share on: