CNNVD-202602-609 Information
CNNVD ID
CNNVD-202602-609
Related CVE
- CNNVD Published: 2026-02-04
Description (Chinese)
Unstructured是Unstructured开源的一个非结构化数据的开源预处理工具。 unstructured 0.18.18之前版本存在安全漏洞,该漏洞源于partition_msg函数存在路径遍历,可能导致处理恶意MSG文件时写入或覆盖任意文件。
Description (English)
Unstructure is an open source preprocessing tool for unstructured data from Unstructure. There is a security loophole in the previous version of unstrutted 0.18.18, which stems from the existence of the Partition msg function, which may lead to the writing or overwhelming of any type of document when dealing with malicious MMG files.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Unstructured
Published
2026-02-04
Last Modified
2026-02-24
References
https://github.com/Unstructured-IO/unstructured/security/advisories/GHSA-gm8q-m8mv-jj5m https://github.com/Unstructured-IO/unstructured/commit/b01d35b2373fd087d2e15162b9c021663c97155d https://access.redhat.com/security/cve/cve-2025-64712
Patch
https://github.com/Unstructured-IO/unstructured/releases
Share on: