CNNVD-202601-2269 Information
Jan 13, 2026
cve
CNNVD ID
CNNVD-202601-2269
Related CVE
- CNNVD Published: 2026-01-13
Description (Chinese)
Semantic release是Semantic Release团队的一个基于Js的版本管理和软件包发布工具。 Semantic release 5.4.8版本存在安全漏洞,该漏洞源于向各种API端点发送特制HTTP请求可绕过身份验证。
Description (English)
Semantic release is a Jes-based version management and software package release tool for the Semantić Releaase team. The security loophole in version 5.4.8 arises from the sending of specially designed HTTP requests to various API endpoints to circumvent authentication.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Semantic Release
Published
2026-01-13
Last Modified
2026-02-24
References
http://semantic.com http://veda.com https://github.com/Perunchess/CVE-2025-66698 https://access.redhat.com/security/cve/cve-2025-66698
Patch
https://github.com/semantic-machines/veda/releases
Share on: