CNNVD-202601-1761 Information

CNNVD ID

CNNVD-202601-1761

Related CVE

CVE-2025-61686

• CNNVD Published: 2026-01-10

Description (Chinese)

react-router是Remix开源的一个 React 的声明式路由。 react-router存在路径遍历漏洞，该漏洞源于使用未签名cookie时，会话可能尝试从指定会话文件目录之外的位置读取或写入。

Description (English)

React-router is a react path for Remix open source. React-router has a loophole in its path, which arises when using unsigned cookies, a session may try to read or write from a location other than the specified session file directory.

Hazard Level

Low

Vulnerability Type

路径遍历

Affected Vendor

Remix

Published

2026-01-10

Last Modified

2026-02-24

References

https://github.com/remix-run/react-router/security/advisories/GHSA-9583-h5hc-x8cw

Patch

https://reactrouter.com/