CVE-2024-3501 | lunary-ai lunary up to 1.2.5 API Endpoint /v1/users/me information disclosure

Posted by Angelo Barbosa | Nov 14, 2024 | CVE

A vulnerability, which was classified as problematic, was found in lunary-ai lunary up to 1.2.5. This affects an unknown part of the file /v1/users/me of the component API Endpoint. The manipulation leads to information disclosure.

This vulnerability is uniquely identified as CVE-2024-3501. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3501 | lunary-ai lunary up to 1.2.5 API Endpoint /v1/users/me information disclosure

Related Posts

CVE-2024-23128 | Autodesk AutoCAD/Advance Steel/Civil 3D MODEL File libodxdll.dll memory corruption

CVE-2024-33691 | OptinMonster Popup Builder Team OptinMonster Plugin up to 2.15.3 on WordPress cross-site request forgery

CVE-2024-8934 | Beckhoff TwinCAT Package Manager prior 1.0.603.0 os command injection (VDE-2024-064)

CVE-2024-29726 | SportsNET 4.0.1 /app/ax/setAsRead/ id sql injection