Pig4Cloud Pig vulnerabilities
2 known vulnerabilities affecting pig4cloud/pig.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2025-63690P2CRITICALCVSS 9.1≤ 3.8.22025-11-07
CVE-2025-63690 [CRITICAL] CWE-470 CVE-2025-63690: In pig-mesh Pig versions 3.8.2 and below, when setting up scheduled tasks in the Quartz management f
In pig-mesh Pig versions 3.8.2 and below, when setting up scheduled tasks in the Quartz management function under the system management module, it is possible to execute any Java class with a parameterless constructor and its methods with parameter type String through reflection. At this time, the eval method in Tomcat's built-in class jakarta.el.
nvd
CVE-2025-63691P2CRITICALCVSS 9.6≤ 3.8.22025-11-07
CVE-2025-63691 [CRITICAL] CWE-285 CVE-2025-63691: In pig-mesh In Pig version 3.8.2 and below, within the Token Management function under the System Ma
In pig-mesh In Pig version 3.8.2 and below, within the Token Management function under the System Management module, the token query interface (/api/admin/sys-token/page) has an improper permission verification issue, which leads to information leakage. This interface can be called by any user who has completed login authentication, and it returns
nvd