Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/03/22 11:57 a.m.12 views

CVE-2024-9099

In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and private API keys for all projects to users with minimal permissions, such as Viewers or Prompt Editors. This vulnerability allows unauthorized users to retrieve sensitive credentials, which can be used to...

8.8CVSS6.7AI score0.0055EPSS
Exploits1References1
OSV
OSV
added 2025/03/20 10:15 a.m.11 views

CVE-2024-9099

In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and private API keys for all projects to users with minimal permissions, such as Viewers or Prompt Editors. This vulnerability allows unauthorized users to retrieve sensitive credentials, which can be used to...

8.1CVSS6.8AI score0.0055EPSS
Exploits1References2
NVD
NVD
added 2025/03/20 10:15 a.m.10 views

CVE-2024-9099

In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and private API keys for all projects to users with minimal permissions, such as Viewers or Prompt Editors. This vulnerability allows unauthorized users to retrieve sensitive credentials, which can be used to...

8.8CVSS0.0055EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/03/20 10:10 a.m.10 views

CVE-2024-9099 Exposure of Private API Keys in lunary-ai/lunary

In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and private API keys for all projects to users with minimal permissions, such as Viewers or Prompt Editors. This vulnerability allows unauthorized users to retrieve sensitive credentials, which can be used to...

8.8CVSS8.5AI score0.0055EPSS
Exploits1References2
CVE
CVE
added 2025/03/20 10:10 a.m.85 views

CVE-2024-9099

In lunary-ai/lunary version v1.4.29, the GET /projects API endpoint exposes both public and private API keys for all projects to users with minimal permissions (e.g., Viewers, Prompt Editors). This is a data disclosure vulnerability that could let an attacker retrieve sensitive credentials and ac...

8.8CVSS8.5AI score0.0055EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder