CNNVD-202512-4960 Information

CNNVD ID

CNNVD-202512-4960

Related CVE

CVE-2025-69206

• CNNVD Published: 2025-12-29

Description (Chinese)

Hemmelig是Hemmelig开源的一个内容加密软件。 Hemmelig 7.3.3之前版本存在安全漏洞，该漏洞源于Webhook URL验证存在SSRF过滤器绕过，可能导致服务器端请求伪造攻击。

Description (English)

Hemmelig is an open-source content encryption software for Hemmelig. The previous version of Hemmelig 7.3.3 had a security loophole, which originated from the verification of the existence of SSRF filters by Webhook URL, which could lead the server to request a false attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Hemmelig

Published

2025-12-29

Last Modified

2026-02-24

References

https://github.com/HemmeligOrg/Hemmelig.app/commit/6c909e571d0797ee3bbd2c72e4eb767b57378228 https://github.com/HemmeligOrg/Hemmelig.app/security/advisories/GHSA-vvxf-wj5w-6gj5 https://access.redhat.com/security/cve/cve-2025-69206

Patch

https://github.com/HemmeligOrg/Hemmelig.app/releases