CNNVD-202601-2563 Information
CNNVD ID
CNNVD-202601-2563
Related CVE
- CNNVD Published: 2026-01-15
Description (Chinese)
arcane是Arcane开源的一个Docker管理软件。 Arcane 1.13.0之前版本存在操作系统命令注入漏洞,该漏洞源于更新程序服务存在命令注入,可能导致执行任意shell命令。
Description (English)
Arcane is a Docker management software from Arcane Open Source. A prior version of Arcane 1.1.03.0 had an operational system command-injection loophole, which arose from the order-injection of the updated program service, which could lead to the execution of an arbitrary shell order.
Hazard Level
Low
Vulnerability Type
操作系统命令注入
Affected Vendor
Arcane
Published
2026-01-15
Last Modified
2026-02-24
References
https://github.com/getarcaneapp/arcane/commit/5a9c2f92e11f86f8997da8c672844468f930b7e4 https://github.com/getarcaneapp/arcane/pull/1468 https://github.com/getarcaneapp/arcane/releases/tag/v1.13.0 https://github.com/getarcaneapp/arcane/security/advisories/GHSA-gjqq-6r35-w3r8
Patch
https://github.com/getarcaneapp/arcane/releases
Share on: