CNNVD-202512-896 Information
CNNVD ID
CNNVD-202512-896
Related CVE
- CNNVD Published: 2025-12-08
Description (Chinese)
HummerCloud HummerRisk是中国瀚马科技(HummerCloud)公司的一个开源的云原生安全平台,以非侵入的方式解决云原生环境的安全和治理问题,核心能力包括混合云的安全治理和云原生安全检测。 HummerCloud HummerRisk v1.5.0及之前版本存在安全漏洞,该漏洞源于使用存在漏洞的Snakeyaml组件,可能导致远程代码执行和服务器接管。
Description (English)
HummerClaud HummerRisk is an open-source cloud-based safety platform for HummerClaud, China, to address, in a non-intrusive manner, the safety and governance of the cloud-based environment, with core capabilities including the security governance of mixed clouds and cloud-based safety tests. HummerClaud HummerRisk v1.5.0 and previous versions had a security loophole, which stemmed from the use of the Snakeyaml component, which had a gap and could lead to remote code execution and server takeover.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
瀚马科技
Published
2025-12-08
Last Modified
2026-02-24
References
https://gist.github.com/k1ng0fic3/e8c8c9353fff8fa95e2c2952587e9266 https://github.com/k1ng0fic3/secrisk/blob/main/README.md https://access.redhat.com/security/cve/cve-2025-63721
Share on: