CNNVD-202601-827 Information
Jan 05, 2026
cve
CNNVD ID
CNNVD-202601-827
Related CVE
- CNNVD Published: 2026-01-05
Description (Chinese)
EverShop是EverShop开源的一个 NodeJS 电商平台。 EverShop 2.1.0及之前版本存在安全漏洞,该漏洞源于处理SVG文件时资源消耗无限制,可能导致拒绝服务攻击。
Description (English)
EverShop is a NodeJSS electrician platform that is open to EverShop. There is a security gap in EverShop 2.1.0 and earlier versions, which stems from the unlimited consumption of resources in processing SVG documents, which may lead to denial of service attacks.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
EverShop
Published
2026-01-05
Last Modified
2026-02-24
References
https://github.com/dos-m0nk3y/CVE/tree/main/CVE-2025-67419 https://github.com/evershopcommerce/evershop https://access.redhat.com/security/cve/cve-2025-67419
Share on: