CNNVD-202602-298 Information

CNNVD ID

CNNVD-202602-298

Related CVE

CVE-2026-25233

• CNNVD Published: 2026-02-03

Description (Chinese)

pearweb是PEAR开源的一个 PHP 扩展和应用程序存储库。 pearweb 1.33.0之前版本存在安全漏洞，该漏洞源于路线图角色检查存在逻辑错误，可能导致非主要维护者创建、更新或删除路线图。

Description (English)

Pearweb is a PHP extension and application repository that is an open source for PEAR. There was a security loophole in the pre-pearweb 1.33.0, which stemmed from a logical error in the road map role check, which could lead to the creation, updating or deletion of the road map by non-main defenders.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

PEAR

Published

2026-02-03

Last Modified

2026-02-24

References

https://github.com/pear/pearweb/security/advisories/GHSA-p92v-9j73-fxx3 https://access.redhat.com/security/cve/cve-2026-25233

Patch

https://github.com/pear/pearweb/tags