CNNVD-202511-3055 Information

CNNVD ID

CNNVD-202511-3055

Related CVE

CVE-2025-65112

• CNNVD Published: 2025-11-29

Description (Chinese)

PubNet是Ricardo Boss个人开发者的一个自托管软件包仓库。 PubNet 1.1.3之前版本存在安全漏洞，该漏洞源于/api/storage/upload端点未经验证，可能导致身份欺骗和权限提升。

Description (English)

PubNet is a self-hosted software package warehouse for the Ricardo Boss personal developer. The previous version of PubNet 1.1.3 had a security loophole, which originated from uncertified endpoints/api/storage/upload, which could lead to identity fraud and enhanced authority.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-11-29

Last Modified

2026-02-24

References

https://github.com/ricardoboss/PubNet/security/advisories/GHSA-pg82-fqrg-q6j5 https://access.redhat.com/security/cve/cve-2025-65112

Patch

https://github.com/ricardoboss/PubNet/releases