CNNVD-202601-1816 Information
CNNVD ID
CNNVD-202601-1816
Related CVE
- CNNVD Published: 2026-01-12
Description (Chinese)
Iris是DFIR-IRIS开源的一个快速、简单但功能齐全且非常高效的 Go 网络框架。 Iris 2.4.24之前版本存在安全漏洞,该漏洞源于datastore文件管理系统存在批量分配漏洞且删除操作信任路径,可能导致经过身份验证的用户删除任意文件系统路径。
Description (English)
Iris is a fast, simple, but fully functional and efficient Go web framework for the DFIR-IRIS open source. The previous version of Iris 2.4.24 had a security loophole, which stemmed from the mass distribution gap in the datastore document management system and the removal of the operating trust path, which could lead to the removal of any file system path by an identified user.
Hazard Level
Low
Vulnerability Type
其他
Affected Vendor
DFIR-IRIS
Published
2026-01-12
Last Modified
2026-02-24
References
https://github.com/dfir-iris/iris-web/commit/57c1b80494bac187893aebc6d9df1ce6e56485b7 https://github.com/dfir-iris/iris-web/security/advisories/GHSA-qhqj-8qw6-wp8v
Patch
https://github.com/dfir-iris/iris-web/releases
Share on: