CNNVD-202601-015 Information
Jan 01, 2026
cve
CNNVD ID
CNNVD-202601-015
Related CVE
- CNNVD Published: 2026-01-01
Description (Chinese)
eopkg是GetSolus开源的一个包管理器。 eopkg 4.4.0之前版本存在安全漏洞,该漏洞源于恶意软件包可能包含eopkg未跟踪的文件,导致相关工具无法显示这些文件。
Description (English)
eopkg is a package manager for GetSolus open source. The security loophole in the pre-eopkg 4.4.0 version stems from the fact that the malicious software package may contain documents that are not tracked by eopkg, making it impossible for the relevant tools to display them.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
GetSolus
Published
2026-01-01
Last Modified
2026-02-24
References
https://github.com/getsolus/eopkg/commit/e7694323ed64e08b5b4b108fff273c64125cd39d https://github.com/getsolus/eopkg/pull/201 https://github.com/getsolus/eopkg/releases/tag/v4.4.0 https://github.com/getsolus/eopkg/security/advisories/GHSA-hjp7-qwrj-6cc6
Patch
https://github.com/getsolus/eopkg/releases
Share on: