CVE-2024-5128 | lunary-ai lunary up to 1.2.24 Object Reference dataset_prompt access control

Inserito da Angelo Barbosa | Giu 6, 2024 | CVE

A vulnerability was found in lunary-ai lunary up to 1.2.24 and classified as critical. Affected by this issue is the function dataset_prompt of the component Object Reference Handler. The manipulation leads to improper access controls.

This vulnerability is handled as CVE-2024-5128. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-5128 | lunary-ai lunary up to 1.2.24 Object Reference dataset_prompt access control

Post correlati

CVE-2024-31082 | X.org X11 Server up to 21.1.11 ProcAppleDRICreatePixmap heap-based overflow

CVE-2023-43317 | Coign CRM Portal 06.06 Storage Component userPermissionsList permission

CVE-2024-27900 | SAP ABAP Platform 758/795 Privacy Setting authorization

CVE-2024-41637 | RaspAP up to 3.1.4 restapi.service insecure inherited permissions