CNNVD-202601-818 Information

CNNVD ID

CNNVD-202601-818

Related CVE

CVE-2025-61916

• CNNVD Published: 2026-01-05

Description (Chinese)

Spinnaker是Spinnaker开源的一个持续交付平台。用于以高速度和高信心发布软件更改。 Spinnaker 2025.1.6之前版本、2025.2.3之前版本和2025.3.0之前版本存在代码问题漏洞，该漏洞源于存在服务端请求伪造，可能导致凭据泄露。

Description (English)

Spinnaker is a continuous delivery platform for Spinnaker ’ s open source. Used to publish software changes at high speed and confidence. Prior to Spinnaker 2025.1.6, previous version of 2025.2.3 and pre-version of 2025.3.0, there was a code gap, which stemmed from the existence of a service-end request for forgery, which could lead to the disclosure of evidence.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

Spinnaker

Published

2026-01-05

Last Modified

2026-02-24

References

https://github.com/spinnaker/spinnaker/security/advisories/GHSA-vrjc-q2fh-6x9h

Patch

https://github.com/spinnaker/spinnaker/releases