CNNVD-202512-2024 Information
CNNVD ID
CNNVD-202512-2024
Related CVE
- CNNVD Published: 2025-12-10
Description (Chinese)
pipeshub-ai是PipesHub AI - The Open Source Alternative to Glean开源的一个企业自动化平台。 pipeshub-ai 0.1.0-beta之前版本存在代码问题漏洞,该漏洞源于缺少身份验证,可能导致攻击者通过特制文件名进行远程文件覆盖或植入恶意代码。
Description (English)
Pipeshub-ai is an enterprise automation platform for the Open Source Open Source The previous version of pipeshub-ai 0.1.0-beta had a code loophole, which stemmed from a lack of identification and could lead to remote file overlay or implanting of malicious codes by the assailant through a specially created file name.
Hazard Level
Medium
Vulnerability Type
代码问题
Published
2025-12-10
Last Modified
2026-02-24
References
https://github.com/pipeshub-ai/pipeshub-ai/commit/987ebab40a1fc39956730ed93220f7f9b2c4e5f8 https://github.com/pipeshub-ai/pipeshub-ai/security/advisories/GHSA-w398-9m55-2357 https://access.redhat.com/security/cve/cve-2025-67506
Patch
https://github.com/pipeshub-ai/pipeshub-ai/releases
Share on: