CVE-2025-65017— Decidim's private data exports can lead to data leaks

Decidim's private data exports can lead to data leaks

Decidim is a participatory democracy framework. In versions from 0.30.0 to before 0.30.4 and from 0.31.0.rc1 to before 0.31.0, the private data exports can lead to data leaks in case the UUID generation, causing collisions for the generated UUIDs. This issue has been patched in versions 0.30.4 and 0.31.0.

N/A

信息暴露

Decidim 安全漏洞

Decidim是Decidim开源的一个参与式民主框架，用 Ruby on Rails 编写。 Decidim 0.30.0版本至0.30.4之前版本和0.31.0.rc1版本至0.31.0之前版本存在安全漏洞，该漏洞源于私有数据导出功能存在UUID碰撞，可能导致数据泄露。

N/A

N/A