CVE-2024-4146 | lunary-ai lunary up to 1.2.25 checkProjectAccess improper authorization

Inserito da Angelo Barbosa | Giu 8, 2024 | CVE

A vulnerability was found in lunary-ai lunary up to 1.2.25. It has been declared as critical. Affected by this vulnerability is the function checkProjectAccess. The manipulation leads to improper authorization.

This vulnerability is known as CVE-2024-4146. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-4146 | lunary-ai lunary up to 1.2.25 checkProjectAccess improper authorization

Post correlati

CVE-2024-37087 | VMware vCenter Server/Cloud Foundation denial of service

CVE-2024-1339 | ImageRecycle PDF & Image Compression Plugin up to 3.1.13 on WordPress reinitialize cross-site request forgery

CVE-2024-3906 | Tenda AC500 2.0.1.9(1307) /goform/QuickIndex formQuickIndex PPPOEPassword stack-based overflow

CVE-2024-8477 | Brevo Newsletter, SMTP, Email Marketing and Subscribe Forms Plugin cross-site request forgery