4 matches found
Mattermost has an unspecified vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost has a security vulnerability that stems from the Wrangler plugin that can bypass AI access control. No details of the vulnerability are provided at this time...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost has a security vulnerability that stems from the Wrangler plugin that can bypass AI access control. No details of the vulnerability are provided at this time...
CVE-2024-8999
lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST /api/v1/data-warehouse/bigquery endpoint. This vulnerability allows any user to export the entire database data by creating a stream to Google BigQuery without proper authentication or authorization. Th...
CVE-2024-10762 Missing Authorization in lunary-ai/lunary
In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks proper access control, such as middleware to ensure that only users with appropriate roles can delete evaluator data. This...