6 matches found
EUVD-2024-48393
Malicious code in bioql PyPI...
CVE-2024-7473
An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in lunary-ai/lunary versions 1.3.2. This vulnerability allows an authenticated user to update other users' prompts by manipulating the 'id' parameter in the request. The issue is fixed in version 1.4.3...
CVE-2024-7473
An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in lunary-ai/lunary versions 1.3.2. This vulnerability allows an authenticated user to update other users' prompts by manipulating the 'id' parameter in the request. The issue is fixed in version 1.4.3...
CVE-2024-7473
An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in lunary-ai/lunary versions 1.3.2. This vulnerability allows an authenticated user to update other users' prompts by manipulating the 'id' parameter in the request. The issue is fixed in version 1.4.3...
CVE-2024-7473
CVE-2024-7473 describes an IDOR in Lunary AI: lunary-ai/lunary versions 1.3.2 to 1.4.2 allow an authenticated user to update other users’ prompts by manipulating the request’s id parameter in the Evaluations function of the umgws datasets. The root cause is unauthorized modification of a user-con...
PT-2024-9681 · Lunary Ai · Lunary
Name of the Vulnerable Software and Affected Versions: lunary-ai/lunary versions 1.3.2 through 1.4.2 Description: The issue is related to an IDOR vulnerability in the 'Evaluations' function of the 'umgws datasets' section. This vulnerability allows an authenticated user to update other users'...