网安资讯详情 - SecLens 情报雷达

网安资讯,一网打尽。汇集权威漏洞通告与行业要闻,结合分组浏览、智能过滤、RSS订阅 和 Webhook 推送,多通道拓展您的安全情报视野。

Jaspersoft Deserialization Vulnerability in Some Huawei Products

来源: huawei_security · 发布时间 2026-06-10 08:00 (UTC+08:00) · 抓取时间 2026-06-10 21:44 (UTC+08:00)

摘要

The open-source software Jaspersoft used by some Huawei products has a deserialization vulnerability. Successful exploitation of this vulnerability may lead to remote arbitrary code execution. (Vulnerability ID:HWPSIRT-2025-14096) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID:CVE-2025-10492

标签

扩展字段

{
  "hw_psirt_ids": [
    "HWPSIRT-2025-14096"
  ],
  "language": "en",
  "sasn_no": "huawei-sa-JDViSHP-74078912",
  "sasn_version": "1.3",
  "severity": "Critical",
  "vulnerabilities": [
    {
      "cveId": "CVE-2025-10492",
      "hwPsirtId": "HWPSIRT-2025-14096"
    }
  ]
}