CNNVD-202512-2592 Information

CNNVD ID

CNNVD-202512-2592

Related CVE

CVE-2025-14651

• CNNVD Published: 2025-12-14

Description (Chinese)

One Hub是Buer个人开发者的一个OpenAI 接口管理和分发系统。 One Hub 0.14.27及之前版本存在安全漏洞，该漏洞源于docker-compose.yml文件中参数SESSION_SECRET使用硬编码密钥，可能导致远程攻击。

Description (English)

One Hub is an OpenAI interface management and distribution system for Buer personal developers. One Hub 0.14.27 and previous versions had a security loophole, which stemmed from the use of hard-coded keys in the docker-compose.yml file parameter SESSION SECRET, which could lead to a long-range attack.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-14

Last Modified

2026-02-24

References

https://github.com/MartialBE/one-hub/blob/main/docker-compose.yml#L15C24-L15C38 https://vuldb.com/?ctiid.336384 https://vuldb.com/?id.336384 https://vuldb.com/?submit.710249 https://github.com/MartialBE/one-hub/issues/872 https://github.com/MartialBE/one-hub/issues/872#issuecomment-3616033169 https://access.redhat.com/security/cve/cve-2025-14651