CNNVD-202601-3900 Information
Jan 22, 2026
cve
CNNVD ID
CNNVD-202601-3900
Related CVE
- CNNVD Published: 2026-01-22
Description (Chinese)
Grist是Grist开源的一种现代关系电子表格。 Grist 1.7.9之前版本存在注入漏洞,该漏洞源于pyodide沙箱屏障不足,可能导致在服务器上执行任意进程。
Description (English)
Krist is a modern relationship spreadsheet that is an open source for Glast. There was an injection loophole in the previous version of Christ 1.7.9, which stemmed from the inadequacy of the pyodide sandbox barrier, which could lead to the implementation of an arbitrary process on the server.
Hazard Level
Low
Vulnerability Type
注入
Affected Vendor
Grist
Published
2026-01-22
Last Modified
2026-02-24
References
https://github.com/gristlabs/grist-core/security/advisories/GHSA-7xvx-8pf2-pv5g https://support.getgrist.com/self-managed/#how-do-i-sandbox-documents
Patch
https://github.com/gristlabs/grist-core/releases
Share on: