CNNVD-202511-761 Information
CNNVD ID
CNNVD-202511-761
Related CVE
- CNNVD Published: 2025-11-07
Description (Chinese)
Datasette是Simon Willison个人开发者的应用软件用于探索和发布数据的开源多功能工具 Datasette 0.65.1及之前版本和1.0a0版本至1.0a19版本存在输入验证错误漏洞,该漏洞源于路径处理不当,可能导致开放重定向攻击。
Description (English)
Datasette is a Simon Willison personal developer application for open source multifunctional tool for data exploration and dissemination Datasette 0.65.1 and previous and 1.0a0 to 1.0a19 have input verification error loopholes, which stem from inappropriate path handling and may lead to open redirectional attacks.
Hazard Level
High
Vulnerability Type
输入验证错误
Affected Vendor
个人开发者
Published
2025-11-07
Last Modified
2026-02-24
References
https://github.com/simonw/datasette/commit/f257ca6edb64848c3b04b54d41e347c54fe57c05 https://github.com/simonw/datasette/security/advisories/GHSA-w832-gg5g-x44m https://github.com/simonw/datasette/issues/2429 https://access.redhat.com/security/cve/cve-2025-64481
Patch
https://github.com/simonw/datasette/releases
Share on: