CNNVD-202601-2603 Information
CNNVD ID
CNNVD-202601-2603
Related CVE
- CNNVD Published: 2026-01-15
Description (Chinese)
LAS是Pacific Marine Environmental Laboratory开源的一个服务器软件。 LAS存在安全漏洞,该漏洞源于特制请求中的PyFerret表达式,可能导致远程代码执行。
Description (English)
LAS is a server software source for Pacific Marine Environmental Laboratory. LAS has a security loophole, which stems from the PyFerret expression in the special request and may lead to remote code execution.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Pacific Marine Environmental Laboratory
Published
2026-01-15
Last Modified
2026-02-24
References
https://github.com/NOAA-PMEL/LAS/blob/main/README.md https://github.com/NOAA-PMEL/LAS/commit/de5f9237bfd4ac5085bcc49a6e30bbc9507ddb29 https://github.com/NOAA-PMEL/LAS/commit/e69afb1898ae7e69f3e047513fc1e5570373912b https://github.com/NOAA-PMEL/LAS/compare/b4b7306..de5f923 https://github.com/NOAA-PMEL/LAS/tree/main https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-26-015-01.json https://www.cve.org/CVERecord?id=CVE-2025-62193
Patch
https://github.com/NOAA-PMEL/LAS/tags
Share on: