pig4cloud pig の CVE(2 件)

CVE 件数: 2 CPE versions: View versions table

概要

本ページは pig4cloud pig に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。

表示中 12 / 2 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2025-63691 In pig-mesh In Pig version 3.8.2 and below, within the Token Management function under the System Management module, the token query interface (/api/admin/sys-token/page) has an improper permission verification issue, which leads to information leakage. This interface can be called by any user who has completed login authentication, and it returns the plaintext authentication Tokens of all users currently logged in to the system. As a result, ordinary users can obtain the administrator's authent [email protected] 9.6 0.32% 2025-11-07 2026-06-17
CVE-2025-63690 In pig-mesh Pig versions 3.8.2 and below, when setting up scheduled tasks in the Quartz management function under the system management module, it is possible to execute any Java class with a parameterless constructor and its methods with parameter type String through reflection. At this time, the eval method in Tomcat's built-in class jakarta.el.ELProcessor can be used to execute commands, leading to a remote code execution vulnerability. [email protected] 9.1 0.86% 2025-11-07 2026-06-17
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence