Security Advisory

CVE-2024-5131

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-06-06 18:31:16

Last updated 2024-11-03 18:27:24

Assigner @huntr_ai

State PUBLISHED

Description

An Improper Access Control vulnerability exists in the lunary-ai/lunary repository, affecting versions up to and including 1.2.2. The vulnerability allows unauthorized users to view any prompts in any projects by supplying a specific prompt ID to an endpoint that does not adequately verify the ownership of the prompt ID. This issue was fixed in version 1.2.25.

← Browse all CVEs View on cve.org ↗