CNNVD-202601-3812 Information
CNNVD ID
CNNVD-202601-3812
Related CVE
- CNNVD Published: 2026-01-22
Description (Chinese)
beam是Beam开源的一个人工智能的运行时环境。 beam beta9 0.1.552版本存在安全漏洞,该漏洞源于joinCleanPath函数存在目录遍历,可能导致远程攻击者获取敏感信息。
Description (English)
Beam is an artificial intelligence running time environment for the Beam Open Source. There is a security loophole in version 9 beam beta 0.1.552, which stems from the existence of a directory of the joinCleanPath function, which may result in remote attackers obtaining sensitive information.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Beam
Published
2026-01-22
Last Modified
2026-02-24
References
https://github.com/ryotaromatsui/CVEs/tree/main/CVE-2025-69820 https://github.com/beam-cloud/beta9/blob/c1cd75e813cf7d53e916157d920099e89ef45caa/pkg/abstractions/volume/multipart.go#L45 https://github.com/aws/aws-sdk-php/security/advisories/GHSA-557v-xcg6-rm5m https://access.redhat.com/security/cve/cve-2025-69820
Share on: