CNNVD-202512-006 Information

CNNVD ID

CNNVD-202512-006

Related CVE

CVE-2025-66405

• CNNVD Published: 2025-12-01

Description (Chinese)

AI Gateway是Portkey.ai开源的一个AI网关。 AI Gateway 1.14.0之前版本存在代码问题漏洞，该漏洞源于SSRF漏洞，可能导致外部资源访问。

Description (English)

AI Gateway is an AI gateway to Portkey.ai open source. AI Gateway 1.14.0 has a code problem loophole, which originated in an SARF loophole and could lead to external resource access.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Portkey.ai

Published

2025-12-01

Last Modified

2026-02-24

References

https://github.com/Portkey-AI/gateway/security/advisories/GHSA-hhh5-2cvx-vmfp https://github.com/Portkey-AI/gateway/commit/b5a7825ba5f4e6918deb32d9969899ce2229a885 https://github.com/Portkey-AI/gateway/pull/1372 https://access.redhat.com/security/cve/cve-2025-66405

Patch

https://github.com/Portkey-AI/gateway/releases