https://blog.qife122.com/tags/cve-2025-9122/ Recent content in CVE-2025-9122 on 办公AI智能小助手 Hugo zh-cn qife Sun, 28 Dec 2025 21:59:21 +0800 https://blog.qife122.com/p/pentaho%E6%95%B0%E6%8D%AE%E9%9B%86%E6%88%90%E4%B8%8E%E5%88%86%E6%9E%90%E5%B9%B3%E5%8F%B0%E6%9B%9D%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E%E9%94%99%E8%AF%AF%E4%BF%A1%E6%81%AF%E6%9A%B4%E9%9C%B2%E6%95%8F%E6%84%9F%E6%95%B0%E6%8D%AE/ Sun, 28 Dec 2025 21:59:21 +0800 https://blog.qife122.com/p/pentaho%E6%95%B0%E6%8D%AE%E9%9B%86%E6%88%90%E4%B8%8E%E5%88%86%E6%9E%90%E5%B9%B3%E5%8F%B0%E6%9B%9D%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2%E6%BC%8F%E6%B4%9E%E9%94%99%E8%AF%AF%E4%BF%A1%E6%81%AF%E6%9A%B4%E9%9C%B2%E6%95%8F%E6%84%9F%E6%95%B0%E6%8D%AE/ <p><strong>CVE-2025-9122: CWE-209 日立Vantara Pentaho数据集成与分析中生成包含敏感信息的错误消息</strong></p> <p><strong>严重性</strong>: 中等 <strong>类型</strong>: 漏洞 <strong>CVE</strong>: CVE-2025-9122</p> <p>日立Vantara Pentaho数据集成与分析社区仪表板框架在10.2.0.4之前版本（包括9.3.0.x和8.3.x）中，当<code>GetCdfResource</code> servlet遇到错误时，会显示完整的服务器堆栈跟踪。</p>