CNNVD-202601-1584 Information

CNNVD ID

CNNVD-202601-1584

Related CVE

CVE-2026-22584

• CNNVD Published: 2026-01-09

Description (Chinese)

Salesforce Uni2TS是美国Salesforce公司的一个时序预测Python库。 Salesforce Uni2TS 1.2.0及之前版本存在安全漏洞，该漏洞源于代码生成控制不当，可能导致在非可执行文件中利用可执行代码。

Description (English)

Salesforce Uni2TS is a time-series projection of the Python Library of Salesforce. There is a security loophole in Salesforce Uni2TS 1.2.0 and earlier versions, which stems from inadequate code generation controls and may lead to the use of enforceable codes in non-enforceable documents.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Salesforce

Published

2026-01-09

Last Modified

2026-02-24

References

https://help.salesforce.com/s/articleView?id=005239354&type=1 https://access.redhat.com/security/cve/cve-2026-22584

Patch

https://github.com/SalesforceAIResearch/uni2ts/releases