CVE-2025-2622 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

A vulnerability was found in aizuda snail-job 1.4.0. It has been classified as critical. Affected is the function getRuntime of the file /snail-job/workflow/che…
Medium CVSS: 5.3

CVE-2025-2622

A vulnerability was found in aizuda snail-job 1.4.0. It has been classified as critical. Affected is the function getRuntime of the file /snail-job/workflow/check-node-expression of the component Workflow-Task Management Module. The manipulation of the argument nodeExpression leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Vendor
Aizuda
Product
Snail-job
CWE
CWE-20
Yayın Tarihi
2025-03-22 17:15:35
Güncelleme
2025-03-26 18:38:53
Source Identifier
cna@vuldb.com
KEV Date Added
-

Kategoriler

CWE-20 Snail-job MEDIUM Aizuda 2025

Referanslar

https://gitee.com/aizuda/snail-job/issues/IBSQ24 https://gitee.com/aizuda/snail-job/issues/IBSQ24#note_38500450_link https://vuldb.com/?ctiid.300624 https://vuldb.com/?id.300624 https://vuldb.com/?submit.518999 https://gitee.com/aizuda/snail-job/issues/IBSQ24