CNNVD-202512-5393 Information

CNNVD ID

CNNVD-202512-5393

Related CVE

CVE-2025-15246

• CNNVD Published: 2025-12-30

Description (Chinese)

snail-job是aizuda开源的一个分布式任务调度平台。 snail-job 1.7.0及之前版本存在代码问题漏洞，该漏洞源于对组件API中参数argsStr的错误操作，可能导致反序列化攻击。

Description (English)

Snail-job is a distributed task control platform for anizuda open source. There is a code problem loophole in snail-job 1.7.0 and earlier versions, which stems from an error in the argsStr of the API parameter, which could lead to a back-serialized attack.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

aizuda

Published

2025-12-30

Last Modified

2026-02-24

References

https://gitee.com/aizuda/snail-job/issues/ICQV61 https://vuldb.com/?ctiid.338636 https://vuldb.com/?id.338636