Vulnerabilities

CVE-2025-27446

by Fred · 06/07/2025

Incorrect Permission Assignment for Critical Resource vulnerability in Apache APISIX(java-plugin-runner).

Local listening file permissions in APISIX plugin runner allow a local attacker to elevate privileges.
This issue affects Apache APISIX(java-plugin-runner): from 0.2.0 through 0.5.0.

Users are recommended to upgrade to version 0.6.0 or higher, which fixes the issue.

More information : https://lists.apache.org/thread/qwxnxolt0j5nvjfpr0mlz6h7nrtvyzng

Similar

Tags: Cybersecurity Alert