Lucene search
K

4 matches found

CNVD
CNVD
added 2025/05/12 12:0 a.m.4 views

Mattermost has an unspecified vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost has a security vulnerability that stems from the Wrangler plugin that can bypass AI access control. No details of the vulnerability are provided at this time...

4.3CVSS3.4AI score0.00181EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/16 12:0 a.m.4 views

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost has a security vulnerability that stems from the Wrangler plugin that can bypass AI access control. No details of the vulnerability are provided at this time...

4.3CVSS4AI score0.00181EPSS
Exploits0References1
OSV
OSV
added 2025/03/20 10:15 a.m.12 views

CVE-2024-8999

lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST /api/v1/data-warehouse/bigquery endpoint. This vulnerability allows any user to export the entire database data by creating a stream to Google BigQuery without proper authentication or authorization. Th...

7.5CVSS7AI score0.00748EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/03/20 10:9 a.m.4 views

CVE-2024-10762 Missing Authorization in lunary-ai/lunary

In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks proper access control, such as middleware to ensure that only users with appropriate roles can delete evaluator data. This...

8.1CVSS8AI score0.00508EPSS
Exploits1References2
Rows per page
Query Builder