CNNVD-202601-4278 Information

CNNVD ID

CNNVD-202601-4278

Related CVE

CVE-2026-24474

• CNNVD Published: 2026-01-24

Description (Chinese)

Dioxus Components是Dioxus Labs开源的一个基础组件。 Dioxus Components 41e4242ecb1062d04ae42a5215363c1d9fd4e23a之前版本存在安全漏洞，该漏洞源于use_animated_open函数使用用户提供的id格式化eval字符串，可能导致代码注入。

Description (English)

Dioxus Components is a basic component of the Dioxus Labs open source. The previous version of Dioxus Components 41e42ecb1062 d04ae42a5215363c1d9fd4e23a had a security loophole, which originated from the use of the user-provided id formatting eval string that could lead to code injection.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Dioxus Labs

Published

2026-01-24

Last Modified

2026-02-24

References

https://github.com/DioxusLabs/components/security/advisories/GHSA-34pj-292j-xr69 https://github.com/DioxusLabs/components/commit/41e4242ecb1062d04ae42a5215363c1d9fd4e23a https://access.redhat.com/security/cve/cve-2026-24474