CNNVD-202512-3734 Information

CNNVD ID

CNNVD-202512-3734

Related CVE

CVE-2025-66905

• CNNVD Published: 2025-12-19

Description (Chinese)

Takes是Yegor Bugayenko个人开发者的一个面向对象Java Web开发框架。 Takes 2.0-SNAPSHOT及之前版本存在安全漏洞，该漏洞源于未规范化HTTP请求路径，可能导致任意文件读取。

Description (English)

Takes is a target-oriented Java Web development framework for Yegor Bugayenko personal developers. There is a security loophole in Takes 2.0-SNAPSHOT and its previous versions, which stems from the failure to regularize the HTTP request path, which may lead to arbitrary document reading.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-12-19

Last Modified

2026-02-24

References

https://github.com/Xzzz111/public_cve_report/blob/main/CVE-2025-66905_report.md https://github.com/yegor256/takes https://access.redhat.com/security/cve/cve-2025-66905