CNNVD-202602-1302 Information
CNNVD ID
CNNVD-202602-1302
Related CVE
- CNNVD Published: 2026-02-09
Description (Chinese)
Litestar是Litestar开源的一个强大、灵活但固执己见的 ASGI 框架。 Litestar 2.20.0之前版本存在安全漏洞,该漏洞源于正则表达式元字符未转义,可能导致恶意源意外匹配。
Description (English)
Litestar is a powerful, flexible but adamant ASGI framework for Litestar’s open source. There was a security loophole in the previous version of Litestar 2.20.0, which stemmed from the non-transformation of regular expression meta characters, which could lead to an unintended matching of malicious sources.
Vulnerability Type
其他
Affected Vendor
Litestar
Published
2026-02-09
Last Modified
2026-02-24
References
https://github.com/litestar-org/litestar/security/advisories/GHSA-2p2x-hpg8-cqp2 https://docs.litestar.dev/2/release-notes/changelog.html#2.20.0 https://github.com/litestar-org/litestar/commit/eb87703b309efcc0d1b087dcb12784e76b003d5a https://github.com/litestar-org/litestar/releases/tag/v2.20.0 https://access.redhat.com/security/cve/cve-2026-25478
Patch
https://github.com/litestar-org/litestar/releases
Share on: