5 matches found
CVE-2025-63663
Incorrect access control in the /api/v1/conversations//files API of GT Edge AI Platform before v2.0.10 allows unauthorized attackers to access other users' uploaded files...
CVE-2025-63662
Insecure permissions in the /api/v1/agents API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access sensitive information...
PT-2025-52672
Name of the Vulnerable Software and Affected Versions GT Edge AI Platform versions prior to 2.0.10 Description An access control issue exists in the /api/v1/conversations//files API of GT Edge AI Platform. This allows unauthorized access to files uploaded by other users. The vulnerable parameter ...
CVE-2025-63664
GT Edge AI Platform (prior to v2.0.10-dev) exposes an access control flaw in the /api/v1/conversations/*/messages endpoint, allowing unauthorized users or AI agents to read other users’ message history. Root cause described as improper access control. Affected version range is before 2.0.10-dev. ...
CVE-2025-63662
CVE-2025-63662 affects GT Edge AI Platform prior to v2.0.10-dev. The vulnerability stems from insecure permissions on the /api/v1/agents API, enabling unauthorized access to sensitive information. Multiple trusted sources (Red Hat, ENISA, CNNVD, CVE lists, and enterprise feeds) corroborate the is...