Lucene search
K

6 matches found

NVD
NVD
added 2025/04/15 5:15 p.m.19 views

CVE-2025-32779

E.D.D.I Enhanced Dialog Driven Interface is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the /backup/import API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability...

6.5CVSS0.01081EPSS
Exploits0References3
Circl
Circl
added 2025/04/15 5:4 p.m.6 views

CVE-2025-32779

creationtimestamp| type| source ---|---|--- 2025-04-15 17:04:34+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114343062669368490 2025-04-15 18:43:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmuqakqs7r2r 2025-04-15 21:37:58+00:00| seen| https://t.me/cvedetector/229...

6.5CVSS4.8AI score0.01081EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/15 4:32 p.m.6 views

CVE-2025-32779 labsai/eddi Vulnerable to Path Traversal (Zip Slip) in ZIP Import Function

E.D.D.I Enhanced Dialog Driven Interface is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the /backup/import API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability...

6.5CVSS7.5AI score0.01081EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/15 4:32 p.m.21 views

CVE-2025-32779 labsai/eddi Vulnerable to Path Traversal (Zip Slip) in ZIP Import Function

E.D.D.I Enhanced Dialog Driven Interface is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the /backup/import API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability...

6.5CVSS0.01081EPSS
Exploits0References3
OSV
OSV
added 2025/04/15 4:32 p.m.9 views

CVE-2025-32779 labsai/eddi Vulnerable to Path Traversal (Zip Slip) in ZIP Import Function

E.D.D.I Enhanced Dialog Driven Interface is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the /backup/import API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability...

6.5CVSS7.4AI score0.01081EPSS
Exploits0References5
CVE
CVE
added 2025/04/15 4:32 p.m.68 views

CVE-2025-32779

E.D.D.I (Enhanced Dialog Driven Interface) is vulnerable to a Zip Slip path traversal in the ZIP import path ( /backup/import ) prior to version 5.5.0, allowing an attacker to write arbitrary files outside the intended extraction directory and potentially overwrite application files (e.g., JARs) ...

6.5CVSS6.8AI score0.01081EPSS
Exploits0References3
Rows per page
Query Builder