2 matches found
EUVD-2025-50817
Langfuse is an open source large language model engineering platform. Starting in version 2.70.0 and prior to versions 2.95.11 and 3.124.1, in certain project membership APIs, the server trusted a user‑controlled orgId and used it in authorization checks. As a result, any authenticated user on th...
CAN-2005-0099
CVE-2005-0099 concerns the SDL port of Abuse (abuse-SDL). The advisory detail shows that abuse-SDL before version 2.00 does not drop privileges when creating certain files, allowing local users to create or overwrite arbitrary files. Affected context includes Debian (DSA-691-1) and SUSE entries t...