CNNVD-202511-3037 Information

CNNVD ID

CNNVD-202511-3037

Related CVE

CVE-2025-66223

• CNNVD Published: 2025-11-29

Description (Chinese)

OpenObserve是OpenObserve开源的一个云原生可观察性平台。 OpenObserve 0.16.0之前版本存在代码问题漏洞，该漏洞源于组织邀请令牌管理不当，可能导致访问控制失效。

Description (English)

OpenObserve is a cloud-observable platform open to OpenObserve. The pre-openObserve 0.16.0 version had a code gap, which stemmed from the organization ’ s inappropriate management of invitation tokens, which could lead to the failure of access controls.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

OpenObserve

Published

2025-11-29

Last Modified

2026-02-24

References

https://github.com/openobserve/openobserve/security/advisories/GHSA-c856-2xpx-gw75 https://access.redhat.com/security/cve/cve-2025-66223

Patch

https://openobserve.ai/downloads/