Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in EdgeGallery/developer before v1.0. There is a "Deserialization of yaml file" vulnerability that can allow attackers to execute system command through uploading the malicious constructed YAML file.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Github developer-be 代码问题漏洞
Vulnerability Description
Github developer-be是开发者平台是为App开发者提供开发工具/测试环境/上线部署的平台,分为前后台两个部分,developer-be是后台部分,提供接口调用,developer-fe是前台部分,提供界面展示。 Github developer-be 中存在代码问题漏洞,该漏洞源于未能安全检查上传的yaml文件。攻击者可通过上传恶意构建的yaml文件来执行系统命令。以下产品及版本受到影响:Edgegallery developer 1.0 之前版本。
CVSS Information
N/A
Vulnerability Type
N/A