6 matches found
CVE-2025-32779
E.D.D.I Enhanced Dialog Driven Interface is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the /backup/import API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability...
CVE-2025-32779
creationtimestamp| type| source ---|---|--- 2025-04-15 17:04:34+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114343062669368490 2025-04-15 18:43:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmuqakqs7r2r 2025-04-15 21:37:58+00:00| seen| https://t.me/cvedetector/229...
CVE-2025-32779 labsai/eddi Vulnerable to Path Traversal (Zip Slip) in ZIP Import Function
E.D.D.I Enhanced Dialog Driven Interface is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the /backup/import API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability...
CVE-2025-32779 labsai/eddi Vulnerable to Path Traversal (Zip Slip) in ZIP Import Function
E.D.D.I Enhanced Dialog Driven Interface is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the /backup/import API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability...
CVE-2025-32779 labsai/eddi Vulnerable to Path Traversal (Zip Slip) in ZIP Import Function
E.D.D.I Enhanced Dialog Driven Interface is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the /backup/import API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability...
CVE-2025-32779
E.D.D.I (Enhanced Dialog Driven Interface) is vulnerable to a Zip Slip path traversal in the ZIP import path ( /backup/import ) prior to version 5.5.0, allowing an attacker to write arbitrary files outside the intended extraction directory and potentially overwrite application files (e.g., JARs) ...