24 matches found

RedhatCVE
added 2025/05/23 8:39 a.m. | 2 views

CVE-2024-32779

Missing Authorization vulnerability in Avirtum Vision Interactive. This issue affects Vision Interactive: from n/a through 1.7.1...

CVSS 5.3 | AI score 6.9 | EPSS 0.00242
Exploits: 0 | References: 1
NVD
added 2025/04/15 5:15 p.m. | 13 views

CVE-2025-32779

E.D.D.I Enhanced Dialog Driven Interface is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the /backup/import API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability...

CVSS 6.5 | EPSS 0.05681
Exploits: 0 | References: 3
Circl
added 2025/04/15 5:4 p.m. | 3 views

CVE-2025-32779

creationtimestamp | type | source
---|---|---
2025-04-15 17:04:34+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114343062669368490
2025-04-15 18:43:59+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lmuqakqs7r2r
2025-04-15 21:37:58+00:00 | seen | https://t.me/cvedetector/229...

CVSS 6.5 | AI score 4.8 | EPSS 0.05681
Exploits: 0 | References: 3
Cvelist
added 2025/04/15 4:32 p.m. | 12 views

CVE-2025-32779 labsai/eddi Vulnerable to Path Traversal (Zip Slip) in ZIP Import Function

E.D.D.I Enhanced Dialog Driven Interface is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the /backup/import API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability...

CVSS 6.5 | EPSS 0.05681
Exploits: 0 | References: 3
Vulnrichment
added 2025/04/15 4:32 p.m. | 5 views

CVE-2025-32779 labsai/eddi Vulnerable to Path Traversal (Zip Slip) in ZIP Import Function

E.D.D.I Enhanced Dialog Driven Interface is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the /backup/import API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability...

CVSS 6.5 | AI score 7.5 | EPSS 0.05681
Exploits: 0 | References: 3
OSV
added 2025/04/15 4:32 p.m. | 5 views

CVE-2025-32779 labsai/eddi Vulnerable to Path Traversal (Zip Slip) in ZIP Import Function

E.D.D.I Enhanced Dialog Driven Interface is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the /backup/import API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability...

CVSS 6.5 | AI score 7.4 | EPSS 0.05681
Exploits: 0 | References: 5
CVE
added 2025/04/15 4:32 p.m. | 57 views

CVE-2025-32779

E.D.D.I (Enhanced Dialog Driven Interface) is vulnerable to a Zip Slip path traversal in the ZIP import path (/backup/import) prior to version 5.5.0, allowing an attacker to write arbitrary files outside the intended extraction directory and potentially overwrite application files (e.g., JARs) ...

CVSS 6.5 | AI score 6.8 | EPSS 0.05681
Exploits: 0 | References: 3
Cvelist
added 2024/06/09 1:4 p.m. | 14 views

CVE-2024-32779 WordPress Vision – Image Map Builder plugin <= 1.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Avirtum Vision Interactive. This issue affects Vision Interactive: from n/a through 1.7.1...

CVSS 5.3 | EPSS 0.00242
Exploits: 0 | References: 1
Vulnrichment
added 2024/06/09 1:4 p.m. | 9 views

CVE-2024-32779 WordPress Vision – Image Map Builder plugin <= 1.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Avirtum Vision Interactive. This issue affects Vision Interactive: from n/a through 1.7.1...

CVSS 5.3 | AI score 6.9 | EPSS 0.00242
Exploits: 0 | References: 1
CVE
added 2024/06/09 1:4 p.m. | 51 views

CVE-2024-32779

Technical details (affected product/version, root cause, exploit information, remediation) are not publicly provided in the supplied documents. The CVE-2024-32779 entry notes a Missing Authorization issue in Vision Interactive up to 1.7.1, but no technical specifics or fixes are included here; mo...

CVSS 5.3 | AI score 5.3 | EPSS 0.00242
Exploits: 0 | References: 1
Patchstack
added 2024/04/22 12:0 a.m. | 8 views

WordPress Vision Interactive Plugin <= 1.7.1 is vulnerable to Broken Access Control

Software: Vision Interactive
Type: Plugin
Vulnerable versions: = 1.7.1
Fixed in: 1.7.2
OWASP Top 10: A1: Broken Access Control
Classification: Broken Access Control
CVE: CVE-2024-32779
Patch priority: Low
CVSS severity: Low 5.3
Developer: Claim ownership
PSID: ed5556ff45af
Credits: Steven Julian
Required...

CVSS 5.3 | AI score 6.6 | EPSS 0.00242
Exploits: 0 | References: 2 | Affected Software: 1
SUSE CVE
added 2023/02/15 3:40 a.m. | 3 views

SUSE CVE-2021-32779

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy incorrectly handled a URI 'fragment' element as part of the path element. Envoy is configured with an RBAC filter for authorization or similar mechanism with...

CVSS 8.6 | AI score 8.5 | EPSS 0.00035
Exploits: 0 | References: 3
CNVD
added 2022/04/21 12:0 a.m. | 10 views

Laurent Rineau CGAL Code Execution Vulnerability (CNVD-2022-32779)

Laurent Rineau CGAL is an open source application from Laurent Rineau. Providing access to geometric algorithms in the form of C libraries, Laurent Rineau CGAL suffers from a security vulnerability that could be exploited by an attacker to provide specially formatted malformed files to cause...

CVSS 10 | AI score 3 | EPSS 0.00529
Exploits: 1 | References: 1
Oracle linux
added 2021/11/09 12:0 a.m. | 28 views

olcne istio istio kubernetes security update

olcne 1.3.2-2
- Turn off default PodDisruptionBudget in istio template to unblock kubernetes module upgrade
- Update Kubernetes version to 1.20.11 to address CVE-2021-25741
- Update Istio to 1.9.8, 1.10.4 to address CVE-2021-32777, CVE-2021-32778, CVE-2021-32779, CVE-2021-32780 & CVE-2021-32781
-...

CVSS 8.8 | AI score 7.8 | EPSS 0.33042
Exploits: 1
RedHat Linux
added 2021/08/25 9:37 a.m. | 33 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 2.0.7.1 security update

An update for servicemesh and servicemesh-proxy is now available for OpenShift Service Mesh 2.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVSS 8.6 | AI score 7.1 | EPSS 0.00236
Exploits: 0 | References: 6
RedHat Linux
added 2021/08/25 9:37 a.m. | 57 views

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 1.1.17.1 security update

An update for servicemesh and servicemesh-proxy is now available for OpenShift Service Mesh 1.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVSS 8.6 | AI score 7.1 | EPSS 0.00236
Exploits: 0 | References: 6
Circl
added 2021/08/25 12:23 a.m. | 0 views

CVE-2021-32779

creationtimestamp | type | source
---|---|---
2021-08-25 00:23:30+00:00 | seen | https://t.me/cibsecurity/27848
2021-09-10 02:29:59+00:00 | seen | https://t.me/cibsecurity/28639...

CVSS 8.6 | AI score 7.3 | EPSS 0.00035
Exploits: 0 | References: 2
Tenable Nessus
added 2021/08/25 12:0 a.m. | 41 views

RHEL 8 : Red Hat OpenShift Service Mesh 2.0.7.1 (RHSA-2021:3272)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3272 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...

CVSS 8.6 | AI score 7.7 | EPSS 0.00236
Exploits: 0 | References: 12
Tenable Nessus
added 2021/08/25 12:0 a.m. | 26 views

RHEL 8 : Red Hat OpenShift Service Mesh 1.1.17.1 (RHSA-2021:3273)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3273 advisory. Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise...

CVSS 8.6 | AI score 7.7 | EPSS 0.00236
Exploits: 0 | References: 12
Cvelist
added 2021/08/24 8:45 p.m. | 19 views

CVE-2021-32779 Incorrectly handling of URI '#fragment' element as part of the path element

Envoy is an open source L7 proxy and communication bus designed for large modern service oriented architectures. In affected versions envoy incorrectly handled a URI 'fragment' element as part of the path element. Envoy is configured with an RBAC filter for authorization or similar mechanism with...

CVSS 8.6 | AI score 8.8 | EPSS 0.00035
Exploits: 0 | References: 2