High severityNVD Advisory· Published Aug 13, 2025· Updated Aug 13, 2025
CVE-2025-50946
CVE-2025-50946
Description
OS Command Injection in Olivetin 2025.4.22 Custom Themes via the ParseRequestURI function in service/internal/executor/arguments.go.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/OliveTin/OliveTinGo | <= 0.0.0-20250502155356-8c073bf45fca | — |
Affected products
3- ghsa-coords2 versionspkg:golang/github.com/olivetin/olivetinpkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Tumbleweed
<= 0.0.0-20250502155356-8c073bf45fca+ 1 more
- (no CPE)range: <= 0.0.0-20250502155356-8c073bf45fca
- (no CPE)range: < 0.0.20250818T190335-1.1
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-p3qf-84rg-jxfcghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2025-50946ghsaADVISORY
- github.com/OliveTin/OliveTin/blob/8c073bf45fca6c6eda4e8a9feb182433277343ee/service/internal/executor/arguments.goghsaWEB
- github.com/chrisWalker11/Cves/blob/main/CVE-2025-50946/CVE-2025-50946.mdghsaWEB
News mentions
0No linked articles in our index yet.