CNNVD-202511-891 Information
Nov 10, 2025
cve
CNNVD ID
CNNVD-202511-891
Related CVE
- CNNVD Published: 2025-11-10
Description (Chinese)
Bugsink是Bugsink开源的一个自托管Bug跟踪软件。 Bugsink 2.0.6之前版本存在安全漏洞,该漏洞源于特制的Brotli压缩信封可能导致CPU时间过度消耗,可能导致拒绝服务。
Description (English)
Bugsink is an open-source Bugsink self-administered Bug tracking software. Prior to Bugsink 2.0.6, there was a security loophole, which originated from a specially designed Brotli compressed envelope, which could lead to excessive consumption of CPU time and possibly denial of services.
Hazard Level
Medium
Vulnerability Type
其他
Published
2025-11-10
Last Modified
2026-02-24
References
https://github.com/bugsink/bugsink/security/advisories/GHSA-rrx3-2x4g-mq2h https://access.redhat.com/security/cve/cve-2025-64509
Patch
https://github.com/bugsink/bugsink/releases
Share on: