CVE-2024-5128 | lunary-ai lunary up to 1.2.24 Object Reference dataset_prompt access control

Posted by Angelo Barbosa | Jun 6, 2024 | CVE

A vulnerability was found in lunary-ai lunary up to 1.2.24 and classified as critical. Affected by this issue is the function dataset_prompt of the component Object Reference Handler. The manipulation leads to improper access controls.

This vulnerability is handled as CVE-2024-5128. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-5128 | lunary-ai lunary up to 1.2.24 Object Reference dataset_prompt access control

Related Posts

CVE-2024-47653 | Shilpi Computers Client Dashboard up to 9.6.x API Endpoint privileges assignment (CIVN-2024-0313)

CVE-2024-0685 | Ninja Forms Contact Form Plugin up to 3.7.1 on WordPress sql injection

CVE-2024-50490 | Szabolcs Szecsenyi PegaPoll Plugin up to 1.0.2 on WordPress authorization

CVE-2024-41285 | FAST FW300R 1.3.13 File Path stack-based overflow