GHSA-H336-2WXM-PR6Q OpenViking contains a missing authorization vulnerability in the task polling endpoints

OpenViking versions prior to 0.3.3 contain a missing authorization vulnerability in the task polling endpoints that allows unauthorized attackers to enumerate or retrieve background task metadata created by other users. Attackers can access the /api/v1/tasks and /api/v1/tasks/taskid routes withou...

OpenViking 安全漏洞

OpenViking is an open-source artificial intelligence agent-based context database developed by Volcengine. Versions of OpenViking prior to 0.3.3 contained security vulnerabilities. These vulnerabilities stemmed from lack of authorization, which could allow unauthorized attackers to enumerate or...