CVE-2024-4146 | lunary-ai lunary up to 1.2.25 checkProjectAccess improper authorization

Inserito da Angelo Barbosa | Giu 8, 2024 | CVE

A vulnerability was found in lunary-ai lunary up to 1.2.25. It has been declared as critical. Affected by this vulnerability is the function checkProjectAccess. The manipulation leads to improper authorization.

This vulnerability is known as CVE-2024-4146. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-4146 | lunary-ai lunary up to 1.2.25 checkProjectAccess improper authorization

Post correlati

CVE-2024-9683 | Red Hat Quay 3 Truncated Password Version authentication bypass

CVE-2024-6431 | Media.net Ads Manager Plugin up to 2.10.13 on WordPress File Upload authorization

CVE-2024-27559 | Stupid Simple CMS 1.2.4 /save_settings.php cross-site request forgery

CVE-2023-49109 | Apache DolphinScheduler up to 3.2.0 code injection