8 matches found
CVE-2024-39025
Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data...
Letta (previously MemGPT) incorrect access control vulnerability
Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data...
GHSA-7P2G-2VXC-5G55 Letta (previously MemGPT) incorrect access control vulnerability
Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data...
CVE-2024-39025
Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data...
CVE-2024-39025
Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data...
PT-2024-28335 · Unknown · Cpacker Memgpt
Name of the Vulnerable Software and Affected Versions: Cpacker MemGPT version 0.3.17 Description: The issue is related to incorrect access control in the "/users" endpoint, allowing attackers to access sensitive data. Recommendations: For version 0.3.17, consider disabling access to the "/users"...
CVE-2024-39025
CVE-2024-39025 affects Letta/MemGPT v0.3.17 (Cpacker MemGPT) and is caused by incorrect access control in the "/users" endpoint. Multiple sources (Red Hat, NVD, OSV, GHSA, Veracode, CIRCL, CNNVD, Snyk) describe that missing authorization in the get_all_users() flow can expose sensitive data. Cond...
CVE-2024-39025
Incorrect access control in the /users endpoint of Cpacker MemGPT v0.3.17 allows attackers to access sensitive data...