CNNVD-202601-2381 Information

CNNVD ID

CNNVD-202601-2381

Related CVE

CVE-2026-22819

• CNNVD Published: 2026-01-14

Description (Chinese)

Outray是OutRay开源的一个本地服务器搭建工具。 Outray 0.1.5之前版本存在安全漏洞，该漏洞源于数据库事务锁定机制缺失，可能导致免费计划用户获取超出预期的子域名。

Description (English)

Outray is a local server set-up tool for OutRay open source. The security gap in the pre-Outray version of 0.1.5 arises from the absence of a database service lock-in mechanism, which may result in free plan users obtaining more than expected sub-domain names.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

OutRay

Published

2026-01-14

Last Modified

2026-02-24

References

https://github.com/outray-tunnel/outray/security/advisories/GHSA-45hj-9x76-wp9g https://github.com/outray-tunnel/outray/commit/73e8a09575754fb4c395438680454b2ec064d1d6 https://access.redhat.com/security/cve/cve-2026-22819

Patch

https://github.com/outray-tunnel/outray/releases