CNNVD-202512-365 Information

CNNVD ID

CNNVD-202512-365

Related CVE

CVE-2025-65843

• CNNVD Published: 2025-12-03

Description (Chinese)

Plugin Alliance Aquarius Desktop是美国Plugin Alliance公司的一个音频插件管理软件。 Plugin Alliance Aquarius Desktop 3.0.069版本存在安全漏洞，该漏洞源于支持数据归档功能未正确处理符号链接，可能导致任意文件泄露或修改。

Description (English)

Plugin Alliance Aquarus Desktop is an audio plugin management software for Plugin Alliance in the United States. There is a security loophole in version 3.0.069 of Plugin Alliance Aquarius Desktop, which stems from the incorrect processing of symbolic links to support data archiving, which may lead to the disclosure or modification of any document.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Plugin Alliance

Published

2025-12-03

Last Modified

2026-02-24

References

https://almightysec.com/insecure-file-handling-via-symlink/ https://access.redhat.com/security/cve/cve-2025-65843