From 4576ec4c0a30520cfd8e37fa8fb7d117e6288de1 Mon Sep 17 00:00:00 2001 From: shubhobm Date: Tue, 2 Dec 2025 14:31:11 +0530 Subject: [PATCH 1/7] wip --- scripts/mileva.py | 451 ++++++++++++++++++++++++++++++++++++++ scripts/mileva_cves.jsonl | 32 +++ 2 files changed, 483 insertions(+) create mode 100644 scripts/mileva.py create mode 100644 scripts/mileva_cves.jsonl diff --git a/scripts/mileva.py b/scripts/mileva.py new file mode 100644 index 0000000..1a26eb4 --- /dev/null +++ b/scripts/mileva.py @@ -0,0 +1,451 @@ +""" +Script to scrape CVE information from Milev.ai and NVD. + +This script structures CVE data into AVID Vulnerability objects. + +This script: +1. Scrapes unique CVE IDs from Milev.ai research digest pages +2. Fetches detailed CVE information from NVD +3. Structures the data into AVID Vulnerability objects +4. Saves all vulnerabilities to a JSONL file + +Dependencies: + - beautifulsoup4: For HTML parsing + - requests: For HTTP requests + - nvdlib: For fetching CVE data from NVD (already in dependencies) +""" + +import re +import sys +import time +from datetime import date +from pathlib import Path +from typing import List, Optional, Set + +import requests +from bs4 import BeautifulSoup + +# Import AVID datamodels (sys.path modification required) +sys.path.insert(0, str(Path(__file__).parent.parent)) # noqa: E402 + +from avidtools.datamodels.components import ( # noqa: E402 + Affects, + Artifact, + AvidTaxonomy, + Impact, + LangValue, + Problemtype, + Reference, +) +from avidtools.datamodels.enums import ( # noqa: E402 + ArtifactTypeEnum, + ClassEnum, + LifecycleEnum, + SepEnum, +) +from avidtools.datamodels.vulnerability import ( # noqa: E402 + Vulnerability, + VulnMetadata, +) + + +def scrape_cve_ids_from_mileva(url: str) -> Set[str]: + """ + Scrape unique CVE IDs from a Milev.ai research digest page. + + Args: + url: URL of the Milev.ai research digest page + + Returns: + Set of unique CVE IDs found on the page + """ + print(f"Scraping CVE IDs from: {url}") + + try: + response = requests.get(url, timeout=30) + response.raise_for_status() + except requests.RequestException as e: + print(f"Error fetching Milev.ai page: {e}") + return set() + + soup = BeautifulSoup(response.content, 'html.parser') + + # Find all CVE IDs using regex pattern (CVE-YYYY-NNNNN) + cve_pattern = re.compile(r'CVE-\d{4}-\d{4,}') + + # Search in all text content + text_content = soup.get_text() + cve_ids = set(cve_pattern.findall(text_content)) + + # Also search in links + for link in soup.find_all('a', href=True): + href = link['href'] + cve_matches = cve_pattern.findall(href) + cve_ids.update(cve_matches) + + # Check link text + link_text = link.get_text() + cve_matches = cve_pattern.findall(link_text) + cve_ids.update(cve_matches) + + print(f"Found {len(cve_ids)} unique CVE IDs: {sorted(cve_ids)}") + return cve_ids + + +def scrape_nvd_cve_details(cve_id: str) -> Optional[dict]: + """ + Fetch CVE details from the MITRE CVE API. + + Args: + cve_id: CVE identifier (e.g., 'CVE-2024-12911') + + Returns: + Dictionary containing CVE details, or None if fetching fails + """ + url = f"https://cveawg.mitre.org/api/cve/{cve_id}" + print(f"Fetching CVE details from: {url}") + + try: + headers = { + 'Accept': 'application/json', + 'User-Agent': 'avidtools-cve-scraper/0.2' + } + response = requests.get(url, timeout=30, headers=headers) + response.raise_for_status() + cve_data = response.json() + except requests.RequestException as e: + print(f"Error fetching CVE data for {cve_id}: {e}") + return None + except ValueError as e: + print(f"Error parsing JSON for {cve_id}: {e}") + return None + + details = { + 'cve_id': cve_id, + 'url': f"https://www.cve.org/CVERecord?id={cve_id}", + 'description': None, + 'published_date': None, + 'last_modified_date': None, + 'cvss_score': None, + 'severity': None, + 'references': [], + 'cwe_ids': [], + 'affected_products': [] + } + + # Extract description from containers + try: + containers = cve_data.get('containers', {}) + cna = containers.get('cna', {}) + + # Get description + descriptions = cna.get('descriptions', []) + for desc in descriptions: + if desc.get('lang') == 'en': + details['description'] = desc.get('value', '').strip() + break + if not details['description'] and descriptions: + details['description'] = descriptions[0].get('value', '').strip() + + # Get published and modified dates + date_published = cve_data.get('cveMetadata', {}).get('datePublished') + if date_published: + details['published_date'] = date_published + + date_updated = cve_data.get('cveMetadata', {}).get('dateUpdated') + if date_updated: + details['last_modified_date'] = date_updated + + # Get CVSS metrics + metrics = cna.get('metrics', []) + for metric in metrics: + if 'cvssV3_1' in metric: + cvss = metric['cvssV3_1'] + details['cvss_score'] = cvss.get('baseScore') + details['severity'] = cvss.get('baseSeverity') + break + elif 'cvssV3_0' in metric: + cvss = metric['cvssV3_0'] + details['cvss_score'] = cvss.get('baseScore') + details['severity'] = cvss.get('baseSeverity') + break + + # Get CWE IDs + problem_types = cna.get('problemTypes', []) + for pt in problem_types: + for desc in pt.get('descriptions', []): + cwe_id = desc.get('cweId') + if cwe_id: + details['cwe_ids'].append(cwe_id) + + # Get references + references = cna.get('references', []) + for ref in references[:10]: # Limit to 10 references + ref_url = ref.get('url') + if ref_url: + details['references'].append(ref_url) + + # Get affected products + affected = cna.get('affected', []) + for aff in affected: + vendor = aff.get('vendor', 'Unknown') + product = aff.get('product', 'Unknown') + details['affected_products'].append({ + 'vendor': vendor, + 'product': product + }) + + except (KeyError, TypeError, AttributeError) as e: + print(f"Warning: Error parsing some CVE fields for {cve_id}: {e}") + + print(f"Successfully fetched details for {cve_id}") + return details + + +def create_vulnerability_from_cve(cve_details: dict) -> Vulnerability: + """ + Create a Vulnerability object from CVE details. + + Args: + cve_details: Dictionary containing CVE information from NVD + + Returns: + Vulnerability object populated with CVE data + """ + cve_id = cve_details['cve_id'] + + # Create metadata + metadata = VulnMetadata(vuln_id=cve_id) + + # Create description + description = None + if cve_details['description']: + description = LangValue( + lang="eng", + value=cve_details['description'] + ) + + # Create references + references = [ + Reference( + type="source", + label="NVD", + url=cve_details['url'] + ) + ] + + # Add additional references + for ref_url in cve_details['references'][:5]: # Limit to 5 references + references.append( + Reference( + label="Reference", + url=ref_url + ) + ) + + # Create problemtype + problemtype_desc = cve_details['description'] or f"Vulnerability {cve_id}" + if cve_details['cwe_ids']: + cwe_list = ', '.join(cve_details['cwe_ids']) + problemtype_desc = f"{cwe_list}: {problemtype_desc}" + + problemtype = Problemtype( + classof=ClassEnum.cve, + description=LangValue( + lang="eng", + value=problemtype_desc[:500] # Limit length + ) + ) + + # Create affects - use affected products if available + developers = [] + deployers = [] + artifacts = [] + + if cve_details['affected_products']: + # Extract unique vendors for developer and deployer + vendors = set() + for item in cve_details['affected_products']: + vendor = item.get('vendor', 'Unknown') + vendors.add(vendor) + + # Create artifact for each product + product = item.get('product', 'Unknown') + artifacts.append( + Artifact( + type=ArtifactTypeEnum.system, + name=product + ) + ) + + developers = list(vendors) + deployers = list(vendors) + else: + # Default values if none specified + developers = ["Unknown"] + deployers = ["Unknown"] + artifacts.append( + Artifact( + type=ArtifactTypeEnum.system, + name="Unknown System" + ) + ) + + affects = Affects( + developer=developers, + deployer=deployers, + artifacts=artifacts + ) + + # Create impact with AVID taxonomy + avid_taxonomy = AvidTaxonomy( + vuln_id=cve_id, + risk_domain=["Security"], + sep_view=[SepEnum.S0100], # Security - Software Vulnerability + lifecycle_view=[LifecycleEnum.L06], # Deployment + taxonomy_version="0.2" + ) + + impact = Impact(avid=avid_taxonomy) + + # Parse dates + published_date = None + last_modified_date = None + + try: + if cve_details['published_date']: + # Parse date string (format: "MM/DD/YYYY") + date_str = cve_details['published_date'] + date_match = re.search(r'(\d{1,2})/(\d{1,2})/(\d{4})', date_str) + if date_match: + month, day, year = date_match.groups() + published_date = date(int(year), int(month), int(day)) + except (ValueError, AttributeError): + pass + + try: + if cve_details['last_modified_date']: + date_str = cve_details['last_modified_date'] + date_match = re.search(r'(\d{1,2})/(\d{1,2})/(\d{4})', date_str) + if date_match: + month, day, year = date_match.groups() + last_modified_date = date(int(year), int(month), int(day)) + except (ValueError, AttributeError): + pass + + # Create Vulnerability object + vulnerability = Vulnerability( + data_type="AVID", + data_version="0.2", + metadata=metadata, + affects=affects, + problemtype=problemtype, + references=references, + description=description, + impact=impact, + published_date=published_date, + last_modified_date=last_modified_date + ) + + return vulnerability + + +def save_vulnerabilities_to_jsonl( + vulnerabilities: List[Vulnerability], output_path: str +): + """ + Save a list of Vulnerability objects to a JSONL file. + + Args: + vulnerabilities: List of Vulnerability objects + output_path: Path to the output JSONL file + """ + output_file = Path(output_path) + output_file.parent.mkdir(parents=True, exist_ok=True) + + with open(output_file, 'w', encoding='utf-8') as f: + for vuln in vulnerabilities: + # Convert to JSON string using Pydantic's model_dump_json + json_str = vuln.model_dump_json(exclude_none=True) + f.write(json_str + '\n') + + print(f"\nSaved {len(vulnerabilities)} vulnerabilities to {output_path}") + + +def main(): + """Main execution function.""" + print("=" * 80) + print("CVE Scraper - Milev.ai to AVID Vulnerability Converter") + print("=" * 80) + print() + + # Step 1: Scrape CVE IDs from Milev.ai + mileva_url = "https://milev.ai/research/fortnightly-digest-31-march-2025/" + cve_ids = scrape_cve_ids_from_mileva(mileva_url) + + if not cve_ids: + print("No CVE IDs found. Exiting.") + return + + print() + print("-" * 80) + print() + + # Step 2 & 3: Scrape NVD details and create Vulnerability objects + vulnerabilities = [] + + cve_list = sorted(cve_ids) + + for i, cve_id in enumerate(cve_list, 1): + print(f"Processing {i}/{len(cve_list)}: {cve_id}") + + # Scrape CVE details from NVD + cve_details = scrape_nvd_cve_details(cve_id) + + if cve_details: + # Create Vulnerability object + try: + vulnerability = create_vulnerability_from_cve(cve_details) + vulnerabilities.append(vulnerability) + print( + f"✓ Successfully created Vulnerability object for " + f"{cve_id}" + ) + except Exception as e: + import traceback + print( + f"✗ Error creating Vulnerability object for " + f"{cve_id}: {e}" + ) + print("Full traceback:") + traceback.print_exc() + else: + print(f"✗ Failed to scrape details for {cve_id}") + + print() + + # Be respectful to the API server - add a delay between requests + if i < len(cve_list): + time.sleep(2) # 2 second delay between requests + + print("-" * 80) + print() + + # Step 4: Save to JSONL + if vulnerabilities: + output_path = "mileva_cves.jsonl" + save_vulnerabilities_to_jsonl(vulnerabilities, output_path) + + print() + print("=" * 80) + print( + f"Complete! Processed {len(vulnerabilities)} out of " + f"{len(cve_ids)} CVEs" + ) + print("=" * 80) + else: + print("No vulnerabilities were successfully created.") + + +if __name__ == "__main__": + main() diff --git a/scripts/mileva_cves.jsonl b/scripts/mileva_cves.jsonl new file mode 100644 index 0000000..cb4bf2d --- /dev/null +++ b/scripts/mileva_cves.jsonl @@ -0,0 +1,32 @@ +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10109"},"affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-863: A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low privilege users to access the sensitive API endpoint \"/api/system/custom-models\". This access enables them to modify the model's API key and base path, leading to potential API key leakage and denial of service on chats."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10109"},{"label":"Reference","url":"https://huntr.com/bounties/ad3c9e76-679d-4775-b203-96947ff73551"},{"label":"Reference","url":"https://github.com/mintplex-labs/anything-llm/commit/8d302c3f670c582b09d47e96132c248101447a11"}],"description":{"lang":"eng","value":"A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low privilege users to access the sensitive API endpoint \"/api/system/custom-models\". This access enables them to modify the model's API key and base path, leading to potential API key leakage and denial of service on chats."},"impact":{"avid":{"vuln_id":"CVE-2024-10109","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10273"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-863: In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with viewer roles to modify models owned by others. The PATCH endpoint for models does not have appropriate privilege checks, enabling low-privilege users to update models they should not have access to modify. This vulnerability could lead to unauthorized changes in critical resources, affecting the integrity and reliability of the system."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10273"},{"label":"Reference","url":"https://huntr.com/bounties/883d9fe2-5730-41e1-a5c2-59972489876e"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with viewer roles to modify models owned by others. The PATCH endpoint for models does not have appropriate privilege checks, enabling low-privilege users to update models they should not have access to modify. This vulnerability could lead to unauthorized changes in critical resources, affecting the integrity and reliability of the system."},"impact":{"avid":{"vuln_id":"CVE-2024-10273","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10274"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-862: An improper authorization vulnerability exists in lunary-ai/lunary version 1.5.5. The /users/me/org endpoint lacks adequate access control mechanisms, allowing unauthorized users to access sensitive information about all team members in the current organization. This vulnerability can lead to the disclosure of sensitive information such as names, roles, or emails to users without sufficient privileges, resulting in privacy violations and potential reconnaissance for targeted attacks."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10274"},{"label":"Reference","url":"https://huntr.com/bounties/506459c1-da60-45c5-a10d-8bd540a4b4c1"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"An improper authorization vulnerability exists in lunary-ai/lunary version 1.5.5. The /users/me/org endpoint lacks adequate access control mechanisms, allowing unauthorized users to access sensitive information about all team members in the current organization. This vulnerability can lead to the disclosure of sensitive information such as names, roles, or emails to users without sufficient privileges, resulting in privacy violations and potential reconnaissance for targeted attacks."},"impact":{"avid":{"vuln_id":"CVE-2024-10274","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10330"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary version 1.5.6, the `/v1/evaluators/` endpoint lacks proper access control, allowing any user associated with a project to fetch all evaluator data regardless of their role. This vulnerability permits low-privilege users to access potentially sensitive evaluation data."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10330"},{"label":"Reference","url":"https://huntr.com/bounties/598ecd65-1723-4fb7-a9aa-9c4f56a5a2aa"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"In lunary-ai/lunary version 1.5.6, the `/v1/evaluators/` endpoint lacks proper access control, allowing any user associated with a project to fetch all evaluator data regardless of their role. This vulnerability permits low-privilege users to access potentially sensitive evaluation data."},"impact":{"avid":{"vuln_id":"CVE-2024-10330","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10513"},"affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-23: A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs/anything-llm, affecting the latest version prior to 1.2.2. This vulnerability allows users with the 'manager' role to access and manipulate the 'anythingllm.db' database file. By exploiting the vulnerable endpoint '/api/document/move-files', an attacker can move the database file to a publicly accessible directory, download it, and subsequently delete it. This can lead to unauthorized access "}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10513"},{"label":"Reference","url":"https://huntr.com/bounties/ad11cecf-161a-4fb1-986f-6f88272cbb9e"},{"label":"Reference","url":"https://github.com/mintplex-labs/anything-llm/commit/47a5c7126c20e2277ee56e2c7ee11990886a40a7"}],"description":{"lang":"eng","value":"A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs/anything-llm, affecting the latest version prior to 1.2.2. This vulnerability allows users with the 'manager' role to access and manipulate the 'anythingllm.db' database file. By exploiting the vulnerable endpoint '/api/document/move-files', an attacker can move the database file to a publicly accessible directory, download it, and subsequently delete it. This can lead to unauthorized access to sensitive data, privilege escalation, and potential data loss."},"impact":{"avid":{"vuln_id":"CVE-2024-10513","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10762"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks proper access control, such as middleware to ensure that only users with appropriate roles can delete evaluator data. This vulnerability allows low-privilege users to delete evaluators data, causing permanent data loss and potentially hindering operations."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10762"},{"label":"Reference","url":"https://huntr.com/bounties/23ab508e-d956-4861-b28f-0569d3b404a6"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/91587496673da24cb7ddedfbbd6e602592b20ef6"}],"description":{"lang":"eng","value":"In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks proper access control, such as middleware to ensure that only users with appropriate roles can delete evaluator data. This vulnerability allows low-privilege users to delete evaluators data, causing permanent data loss and potentially hindering operations."},"impact":{"avid":{"vuln_id":"CVE-2024-10762","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10821"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-835: A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server (version v5.0.1) allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and a complete denial of service for all users. The affected endpoint is `/api/v1/images/upload`."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10821"},{"label":"Reference","url":"https://huntr.com/bounties/0ac24835-c4c0-4f11-938a-d5641dfb80b2"}],"description":{"lang":"eng","value":"A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server (version v5.0.1) allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and a complete denial of service for all users. The affected endpoint is `/api/v1/images/upload`."},"impact":{"avid":{"vuln_id":"CVE-2024-10821","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10829"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-835: A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and complete denial of service for all users. This vulnerability affects all endpoints processing multipart/form-data requests."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10829"},{"label":"Reference","url":"https://huntr.com/bounties/e3a4a0ad-a2e0-497f-a2e0-e3c0ec7c4de4"}],"description":{"lang":"eng","value":"A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and complete denial of service for all users. This vulnerability affects all endpoints processing multipart/form-data requests."},"impact":{"avid":{"vuln_id":"CVE-2024-10829","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10830"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-22: A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint `/v1/resource/file/delete`. This vulnerability allows an attacker to delete any file on the server by manipulating the `file_key` parameter. The `file_key` parameter is not properly sanitized, enabling an attacker to specify arbitrary file paths. If the specified file exists, the application will delete it."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10830"},{"label":"Reference","url":"https://huntr.com/bounties/26adf08a-9262-4d5a-a2ee-ce12ed919620"}],"description":{"lang":"eng","value":"A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint `/v1/resource/file/delete`. This vulnerability allows an attacker to delete any file on the server by manipulating the `file_key` parameter. The `file_key` parameter is not properly sanitized, enabling an attacker to specify arbitrary file paths. If the specified file exists, the application will delete it."},"impact":{"avid":{"vuln_id":"CVE-2024-10830","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10831"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-36: In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the `file_key` and `doc_file.filename` parameters are user-controllable, enabling the construction of paths outside the intended directory. This can lead to overwriting essential system files, such as SSH keys, for further exploitation."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10831"},{"label":"Reference","url":"https://huntr.com/bounties/5c34c39f-66d4-414c-ab6a-f7888a5d882a"}],"description":{"lang":"eng","value":"In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the `file_key` and `doc_file.filename` parameters are user-controllable, enabling the construction of paths outside the intended directory. This can lead to overwriting essential system files, such as SSH keys, for further exploitation."},"impact":{"avid":{"vuln_id":"CVE-2024-10831","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10833"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-36: eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises because the 'doc_file.filename' parameter is user-controllable, enabling the construction of absolute paths."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10833"},{"label":"Reference","url":"https://huntr.com/bounties/dc58e981-e325-4c11-b4e1-1095890fd15a"}],"description":{"lang":"eng","value":"eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises because the 'doc_file.filename' parameter is user-controllable, enabling the construction of absolute paths."},"impact":{"avid":{"vuln_id":"CVE-2024-10833","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10834"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-73: eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to `os.path.join`, enabling an attacker to write files to arbitrary locations on the target server. This vulnerability can be exploited by setting the `doc_file.filename` to an absolute path, which can lead to overwriting system files or creating new SSH-key entries."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10834"},{"label":"Reference","url":"https://huntr.com/bounties/0d598508-151a-4050-9ccd-31bb82955e7a"}],"description":{"lang":"eng","value":"eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to `os.path.join`, enabling an attacker to write files to arbitrary locations on the target server. This vulnerability can be exploited by setting the `doc_file.filename` to an absolute path, which can lead to overwriting system files or creating new SSH-key entries."},"impact":{"avid":{"vuln_id":"CVE-2024-10834","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10835"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-89: In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE)."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10835"},{"label":"Reference","url":"https://huntr.com/bounties/e32fda74-ca83-431c-8de8-08274ba686c9"}],"description":{"lang":"eng","value":"In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE)."},"impact":{"avid":{"vuln_id":"CVE-2024-10835","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10906"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-352: In version 0.6.0 of eosphoros-ai/db-gpt, the `uvicorn` app created by `dbgpt_server` uses an overly permissive instance of `CORSMiddleware` which sets the `Access-Control-Allow-Origin` to `*` for all requests. This configuration makes all endpoints exposed by the server vulnerable to Cross-Site Request Forgery (CSRF). An attacker can exploit this vulnerability to interact with any endpoints of the instance, even if the instance is not publicly exposed to the network."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10906"},{"label":"Reference","url":"https://huntr.com/bounties/8864aca5-a342-4dab-b866-b2882ba6f160"}],"description":{"lang":"eng","value":"In version 0.6.0 of eosphoros-ai/db-gpt, the `uvicorn` app created by `dbgpt_server` uses an overly permissive instance of `CORSMiddleware` which sets the `Access-Control-Allow-Origin` to `*` for all requests. This configuration makes all endpoints exposed by the server vulnerable to Cross-Site Request Forgery (CSRF). An attacker can exploit this vulnerability to interact with any endpoints of the instance, even if the instance is not publicly exposed to the network."},"impact":{"avid":{"vuln_id":"CVE-2024-10906","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10940"},"affects":{"developer":["langchain-ai"],"deployer":["langchain-ai"],"artifacts":[{"type":"System","name":"langchain-ai/langchain"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-497: A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchain_core.prompts.ImagePromptTemplate's (and by extension langchain_core.prompts.ChatPromptTemplate's) with input variables that can read any user-specified path from the server file system. If the outputs of these prompt templates are exposed to the user, either dir"}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10940"},{"label":"Reference","url":"https://huntr.com/bounties/be1ee1cb-2147-4ff4-a57b-b6045271cf27"},{"label":"Reference","url":"https://github.com/langchain-ai/langchain/commit/c1e742347f9701aadba8920e4d1f79a636e50b68"}],"description":{"lang":"eng","value":"A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchain_core.prompts.ImagePromptTemplate's (and by extension langchain_core.prompts.ChatPromptTemplate's) with input variables that can read any user-specified path from the server file system. If the outputs of these prompt templates are exposed to the user, either directly or through downstream model outputs, it can lead to the exposure of sensitive information."},"impact":{"avid":{"vuln_id":"CVE-2024-10940","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10950"},"affects":{"developer":["binary-husky"],"deployer":["binary-husky"],"artifacts":[{"type":"System","name":"binary-husky/gpt_academic"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-94: In binary-husky/gpt_academic version <= 3.83, the plugin `CodeInterpreter` is vulnerable to code injection caused by prompt injection. The root cause is the execution of user-provided prompts that generate untrusted code without a sandbox, allowing the execution of parts of the LLM-generated code. This vulnerability can be exploited by an attacker to achieve remote code execution (RCE) on the application backend server, potentially gaining full control of the server."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10950"},{"label":"Reference","url":"https://huntr.com/bounties/9abb1617-0c1d-42c7-a647-d9d2b39c6866"}],"description":{"lang":"eng","value":"In binary-husky/gpt_academic version <= 3.83, the plugin `CodeInterpreter` is vulnerable to code injection caused by prompt injection. The root cause is the execution of user-provided prompts that generate untrusted code without a sandbox, allowing the execution of parts of the LLM-generated code. This vulnerability can be exploited by an attacker to achieve remote code execution (RCE) on the application backend server, potentially gaining full control of the server."},"impact":{"avid":{"vuln_id":"CVE-2024-10950","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10954"},"affects":{"developer":["binary-husky"],"deployer":["binary-husky"],"artifacts":[{"type":"System","name":"binary-husky/gpt_academic"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-94: In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability exists due to improper handling of user-provided prompts. The root cause is the execution of untrusted code generated by the LLM without a proper sandbox. This allows an attacker to perform remote code execution (RCE) on the app backend server by injecting malicious code through the prompt."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10954"},{"label":"Reference","url":"https://huntr.com/bounties/72d034e3-6ca2-495d-98a7-ac9565588c09"}],"description":{"lang":"eng","value":"In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability exists due to improper handling of user-provided prompts. The root cause is the execution of untrusted code generated by the LLM without a proper sandbox. This allows an attacker to perform remote code execution (RCE) on the app backend server by injecting malicious code through the prompt."},"impact":{"avid":{"vuln_id":"CVE-2024-10954","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11042"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-73: In invoke-ai/invokeai version v5.0.2, the web API `POST /api/v1/images/delete` is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite databases, and configuration files. This can impact the integrity and availability of applications relying on these files."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-11042"},{"label":"Reference","url":"https://huntr.com/bounties/635535a7-c804-4789-ac3a-48d951263987"},{"label":"Reference","url":"https://github.com/invoke-ai/invokeai/commit/5440c037674882b2ab7acd59087e9bb04b49657a"}],"description":{"lang":"eng","value":"In invoke-ai/invokeai version v5.0.2, the web API `POST /api/v1/images/delete` is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite databases, and configuration files. This can impact the integrity and availability of applications relying on these files."},"impact":{"avid":{"vuln_id":"CVE-2024-11042","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11043"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-400: A Denial of Service (DoS) vulnerability was discovered in the /api/v1/boards/{board_id} endpoint of invoke-ai/invokeai version v5.0.2. This vulnerability occurs when an excessively large payload is sent in the board_name field during a PATCH request. By sending a large payload, the UI becomes unresponsive, rendering it impossible for users to interact with or manage the affected board. Additionally, the option to delete the board becomes inaccessible, amplifying the severity of the issu"}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-11043"},{"label":"Reference","url":"https://huntr.com/bounties/9270900a-b8b7-402f-aee5-432d891e5648"}],"description":{"lang":"eng","value":"A Denial of Service (DoS) vulnerability was discovered in the /api/v1/boards/{board_id} endpoint of invoke-ai/invokeai version v5.0.2. This vulnerability occurs when an excessively large payload is sent in the board_name field during a PATCH request. By sending a large payload, the UI becomes unresponsive, rendering it impossible for users to interact with or manage the affected board. Additionally, the option to delete the board becomes inaccessible, amplifying the severity of the issue."},"impact":{"avid":{"vuln_id":"CVE-2024-11043","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11300"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-639: In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a user can access prompt data of another user. This issue affects version 1.6.2 and the main branch. The vulnerability allows unauthorized users to view sensitive prompt data by accessing specific URLs, leading to potential exposure of critical information."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-11300"},{"label":"Reference","url":"https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd"}],"description":{"lang":"eng","value":"In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a user can access prompt data of another user. This issue affects version 1.6.2 and the main branch. The vulnerability allows unauthorized users to view sensitive prompt data by accessing specific URLs, leading to potential exposure of critical information."},"impact":{"avid":{"vuln_id":"CVE-2024-11300","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11301"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-837: In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator. The lack of database constraints or application-layer validation to prevent duplicates exposes the application to data integrity issues. This vulnerability can result in corrupted data and poten"}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-11301"},{"label":"Reference","url":"https://huntr.com/bounties/3d99aca5-b135-4833-b48b-7806bc4bf861"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd"}],"description":{"lang":"eng","value":"In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator. The lack of database constraints or application-layer validation to prevent duplicates exposes the application to data integrity issues. This vulnerability can result in corrupted data and potentially malicious actions, impairing the system's functionality."},"impact":{"avid":{"vuln_id":"CVE-2024-11301","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12029"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-502: A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-12029"},{"label":"Reference","url":"https://huntr.com/bounties/9b790f94-1b1b-4071-bc27-78445d1a87a3"},{"label":"Reference","url":"https://github.com/invoke-ai/invokeai/commit/756008dc5899081c5aa51e5bd8f24c1b3975a59e"}],"description":{"lang":"eng","value":"A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3."},"impact":{"avid":{"vuln_id":"CVE-2024-12029","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12704"},"affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-835: A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. T"}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-12704"},{"label":"Reference","url":"https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a"},{"label":"Reference","url":"https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05"}],"description":{"lang":"eng","value":"A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely."},"impact":{"avid":{"vuln_id":"CVE-2024-12704","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12779"},"affects":{"developer":["infiniflow"],"deployer":["infiniflow"],"artifacts":[{"type":"System","name":"infiniflow/ragflow"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-918: A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the `POST /v1/llm/add_llm` and `POST /v1/conversation/tts` endpoints. Attackers can specify an arbitrary URL as the `api_base` when adding an `OPENAITTS` model, and subsequently access the `tts` REST API endpoint to read contents from the specified URL. This can lead to unauthorized access to internal web resources."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-12779"},{"label":"Reference","url":"https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0"}],"description":{"lang":"eng","value":"A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the `POST /v1/llm/add_llm` and `POST /v1/conversation/tts` endpoints. Attackers can specify an arbitrary URL as the `api_base` when adding an `OPENAITTS` model, and subsequently access the `tts` REST API endpoint to read contents from the specified URL. This can lead to unauthorized access to internal web resources."},"impact":{"avid":{"vuln_id":"CVE-2024-12779","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12909"},"affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-89: A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for SQL injection in the `run_sql_query` function of the `database_agent`. This vulnerability can be exploited by an attacker to inject arbitrary SQL queries, leading to remote code execution (RCE) through the use of PostgreSQL's large object functionality. The issue is fixed in version 0.3.0."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-12909"},{"label":"Reference","url":"https://huntr.com/bounties/44e8177f-200a-4ba3-a12c-8bc21e313a3f"},{"label":"Reference","url":"https://github.com/run-llama/llama_index/commit/5d03c175476452db9b8abcdb7d5767dd7b310a75"}],"description":{"lang":"eng","value":"A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for SQL injection in the `run_sql_query` function of the `database_agent`. This vulnerability can be exploited by an attacker to inject arbitrary SQL queries, leading to remote code execution (RCE) through the use of PostgreSQL's large object functionality. The issue is fixed in version 0.3.0."},"impact":{"avid":{"vuln_id":"CVE-2024-12909","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12911"},"affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-89: A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-12911"},{"label":"Reference","url":"https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"},{"label":"Reference","url":"https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e"}],"description":{"lang":"eng","value":"A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."},"impact":{"avid":{"vuln_id":"CVE-2024-12911","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-6838"},"affects":{"developer":["mlflow"],"deployer":["mlflow"],"artifacts":[{"type":"System","name":"mlflow/mlflow"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-400: In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in its name due to the lack of a limit on the experiment name. This can cause the MLflow UI panel to become unresponsive, leading to a potential denial of service. Additionally, there is no character limit in the `artifact_location` parameter while creating the experiment."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-6838"},{"label":"Reference","url":"https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0"}],"description":{"lang":"eng","value":"In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in its name due to the lack of a limit on the experiment name. This can cause the MLflow UI panel to become unresponsive, leading to a potential denial of service. Additionally, there is no character limit in the `artifact_location` parameter while creating the experiment."},"impact":{"avid":{"vuln_id":"CVE-2024-6838","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-6842"},"affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-306: In version 1.5.5 of mintplex-labs/anything-llm, the `/setup-complete` API endpoint allows unauthorized users to access sensitive system settings. The data returned by the `currentSettings` function includes sensitive information such as API keys for search engines, which can be exploited by attackers to steal these keys and cause loss of user assets."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-6842"},{"label":"Reference","url":"https://huntr.com/bounties/cd911fc7-ac6b-4974-acd0-9cc926fa8d9e"},{"label":"Reference","url":"https://github.com/mintplex-labs/anything-llm/commit/8b1ceb30c159cf3a10efa16275bc6849d84e4ea8"}],"description":{"lang":"eng","value":"In version 1.5.5 of mintplex-labs/anything-llm, the `/setup-complete` API endpoint allows unauthorized users to access sensitive system settings. The data returned by the `currentSettings` function includes sensitive information such as API keys for search engines, which can be exploited by attackers to steal these keys and cause loss of user assets."},"impact":{"avid":{"vuln_id":"CVE-2024-6842","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-8999"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-862: lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST /api/v1/data-warehouse/bigquery endpoint. This vulnerability allows any user to export the entire database data by creating a stream to Google BigQuery without proper authentication or authorization. The issue is fixed in version 1.4.26."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-8999"},{"label":"Reference","url":"https://huntr.com/bounties/d42b7a44-0dcb-4ef0-b15c-d0e558da65c6"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/aa0fd22952d1d84a717ae563eb1ab564d94a9e2b"}],"description":{"lang":"eng","value":"lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST /api/v1/data-warehouse/bigquery endpoint. This vulnerability allows any user to export the entire database data by creating a stream to Google BigQuery without proper authentication or authorization. The issue is fixed in version 1.4.26."},"impact":{"avid":{"vuln_id":"CVE-2024-8999","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-9000"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary before version 1.4.26, the checklists.post() endpoint allows users to create or modify checklists without validating whether the user has proper permissions. This missing access control permits unauthorized users to create checklists, bypassing intended permission checks. Additionally, the endpoint does not validate the uniqueness of the slug field when creating a new checklist, allowing an attacker to spoof existing checklists by reusing the slug of an already-exist"}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-9000"},{"label":"Reference","url":"https://huntr.com/bounties/f5fca549-0a4a-4f64-8ccf-d4e108856da4"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/a02861ef9bb6ce860a35f7b8f178d58859cd85f0"}],"description":{"lang":"eng","value":"In lunary-ai/lunary before version 1.4.26, the checklists.post() endpoint allows users to create or modify checklists without validating whether the user has proper permissions. This missing access control permits unauthorized users to create checklists, bypassing intended permission checks. Additionally, the endpoint does not validate the uniqueness of the slug field when creating a new checklist, allowing an attacker to spoof existing checklists by reusing the slug of an already-existing checklist. This can lead to significant data integrity issues, as legitimate checklists can be replaced with malicious or altered data."},"impact":{"avid":{"vuln_id":"CVE-2024-9000","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2450"},"affects":{"developer":["NI"],"deployer":["NI"],"artifacts":[{"type":"System","name":"Vision Builder AI"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-356: NI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Vision Builder AI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of VBAI files. The issue results from allowing the execution of dangerous script without user wa"}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2025-2450"},{"label":"Reference","url":"https://www.zerodayinitiative.com/advisories/ZDI-25-147/"}],"description":{"lang":"eng","value":"NI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Vision Builder AI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of VBAI files. The issue results from allowing the execution of dangerous script without user warning. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22833."},"impact":{"avid":{"vuln_id":"CVE-2025-2450","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2867"},"affects":{"developer":["GitLab"],"deployer":["GitLab"],"artifacts":[{"type":"System","name":"GitLab"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-94: An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized users."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2025-2867"},{"label":"Reference","url":"https://gitlab.com/gitlab-org/gitlab/-/issues/512509"}],"description":{"lang":"eng","value":"An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized users."},"impact":{"avid":{"vuln_id":"CVE-2025-2867","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} From 9fd22a3f7f72cfacf9434d5766fb1335df130786 Mon Sep 17 00:00:00 2001 From: shubhobm Date: Tue, 2 Dec 2025 17:46:20 +0530 Subject: [PATCH 2/7] async --- avidtools/datamodels/components.py | 35 ++- mileva_cves.jsonl | 58 ++++ mileva_reports.jsonl | 58 ++++ scripts/mileva.py | 455 +++++++++++++++++++++-------- scripts/mileva_cves.jsonl | 32 -- 5 files changed, 479 insertions(+), 159 deletions(-) create mode 100644 mileva_cves.jsonl create mode 100644 mileva_reports.jsonl delete mode 100644 scripts/mileva_cves.jsonl diff --git a/avidtools/datamodels/components.py b/avidtools/datamodels/components.py index da8e605..177d684 100644 --- a/avidtools/datamodels/components.py +++ b/avidtools/datamodels/components.py @@ -101,6 +101,31 @@ class Config: # vuln_id is excluded if None fields = {"vuln_id": {"exclude": True}} +class CVSSScores(BaseModel): + """CVSS v3.0/v3.1 severity metrics.""" + + version: str + vectorString: str + baseScore: float + baseSeverity: str + attackVector: Optional[str] = None + attackComplexity: Optional[str] = None + privilegesRequired: Optional[str] = None + userInteraction: Optional[str] = None + scope: Optional[str] = None + confidentialityImpact: Optional[str] = None + integrityImpact: Optional[str] = None + availabilityImpact: Optional[str] = None + + +class CWETaxonomy(BaseModel): + """CWE (Common Weakness Enumeration) taxonomy mapping.""" + + cweId: str + description: Optional[str] = None + lang: Optional[str] = None + + class Impact(BaseModel): """Impact information of a report/vulnerability. @@ -109,6 +134,12 @@ class Impact(BaseModel): avid: AvidTaxonomy atlas: Optional[List[AtlasTaxonomy]] = None + cvss: Optional[CVSSScores] = None + cwe: Optional[List[CWETaxonomy]] = None - class Config: # atlas is excluded if None - fields = {"atlas": {"exclude": True}} + class Config: # Fields are excluded if None + fields = { + "atlas": {"exclude": True}, + "cvss": {"exclude": True}, + "cwe": {"exclude": True} + } diff --git a/mileva_cves.jsonl b/mileva_cves.jsonl new file mode 100644 index 0000000..8d822c7 --- /dev/null +++ b/mileva_cves.jsonl @@ -0,0 +1,58 @@ +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-0132"},"affects":{"developer":["NVIDIA"],"deployer":["NVIDIA"],"artifacts":[{"type":"System","name":"Container Toolkit"},{"type":"System","name":"GPU Operator"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-367: NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-0132"},{"type":"source","label":"https://nvidia.custhelp.com/app/answers/detail/a_id/5582","url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5582"}],"description":{"lang":"eng","value":"CVE-2024-0132 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-0132","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-367","description":"CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition","lang":"en"}]},"published_date":"2024-09-26","last_modified_date":"2024-09-27"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10109"},"affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-863: A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low privilege users to access the sensitive API endpoint \"/api/system/custom-models\". This access enables them to modify the model's API key and base path, leading to potential API key leakage and denial of service on chats."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10109"},{"type":"source","label":"https://huntr.com/bounties/ad3c9e76-679d-4775-b203-96947ff73551","url":"https://huntr.com/bounties/ad3c9e76-679d-4775-b203-96947ff73551"},{"type":"source","label":"https://github.com/mintplex-labs/anything-llm/commit/8d302c3f670c582b09d47e96132c248101447a11","url":"https://github.com/mintplex-labs/anything-llm/commit/8d302c3f670c582b09d47e96132c248101447a11"}],"description":{"lang":"eng","value":"CVE-2024-10109 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10109","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-863","description":"CWE-863 Incorrect Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10273"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-863: In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with viewer roles to modify models owned by others. The PATCH endpoint for models does not have appropriate privilege checks, enabling low-privilege users to update models they should not have access to modify. This vulnerability could lead to unauthorized changes in critical resources, affecting the integrity and reliability of the system."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10273"},{"type":"source","label":"https://huntr.com/bounties/883d9fe2-5730-41e1-a5c2-59972489876e","url":"https://huntr.com/bounties/883d9fe2-5730-41e1-a5c2-59972489876e"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"CVE-2024-10273 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10273","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-863","description":"CWE-863 Incorrect Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10274"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: An improper authorization vulnerability exists in lunary-ai/lunary version 1.5.5. The /users/me/org endpoint lacks adequate access control mechanisms, allowing unauthorized users to access sensitive information about all team members in the current organization. This vulnerability can lead to the disclosure of sensitive information such as names, roles, or emails to users without sufficient privileges, resulting in privacy violations and potential reconnaissance for targeted attacks."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10274"},{"type":"source","label":"https://huntr.com/bounties/506459c1-da60-45c5-a10d-8bd540a4b4c1","url":"https://huntr.com/bounties/506459c1-da60-45c5-a10d-8bd540a4b4c1"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"CVE-2024-10274 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10274","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10330"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary version 1.5.6, the `/v1/evaluators/` endpoint lacks proper access control, allowing any user associated with a project to fetch all evaluator data regardless of their role. This vulnerability permits low-privilege users to access potentially sensitive evaluation data."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10330"},{"type":"source","label":"https://huntr.com/bounties/598ecd65-1723-4fb7-a9aa-9c4f56a5a2aa","url":"https://huntr.com/bounties/598ecd65-1723-4fb7-a9aa-9c4f56a5a2aa"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"CVE-2024-10330 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10330","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10513"},"affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-23: A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs/anything-llm, affecting the latest version prior to 1.2.2. This vulnerability allows users with the 'manager' role to access and manipulate the 'anythingllm.db' database file. By exploiting the vulnerable endpoint '/api/document/move-files', an attacker can move the database file to a publicly accessible directory, download it, and subsequently delete it. This can lead to unauthorized access to sensitive data, privilege escalation, and potential data loss."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10513"},{"type":"source","label":"https://huntr.com/bounties/ad11cecf-161a-4fb1-986f-6f88272cbb9e","url":"https://huntr.com/bounties/ad11cecf-161a-4fb1-986f-6f88272cbb9e"},{"type":"source","label":"https://github.com/mintplex-labs/anything-llm/commit/47a5c7126c20e2277ee56e2c7ee11990886a40a7","url":"https://github.com/mintplex-labs/anything-llm/commit/47a5c7126c20e2277ee56e2c7ee11990886a40a7"}],"description":{"lang":"eng","value":"CVE-2024-10513 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10513","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-23","description":"CWE-23 Relative Path Traversal","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10762"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks proper access control, such as middleware to ensure that only users with appropriate roles can delete evaluator data. This vulnerability allows low-privilege users to delete evaluators data, causing permanent data loss and potentially hindering operations."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10762"},{"type":"source","label":"https://huntr.com/bounties/23ab508e-d956-4861-b28f-0569d3b404a6","url":"https://huntr.com/bounties/23ab508e-d956-4861-b28f-0569d3b404a6"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/91587496673da24cb7ddedfbbd6e602592b20ef6","url":"https://github.com/lunary-ai/lunary/commit/91587496673da24cb7ddedfbbd6e602592b20ef6"}],"description":{"lang":"eng","value":"CVE-2024-10762 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10762","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10821"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-835: A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server (version v5.0.1) allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and a complete denial of service for all users. The affected endpoint is `/api/v1/images/upload`."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10821"},{"type":"source","label":"https://huntr.com/bounties/0ac24835-c4c0-4f11-938a-d5641dfb80b2","url":"https://huntr.com/bounties/0ac24835-c4c0-4f11-938a-d5641dfb80b2"}],"description":{"lang":"eng","value":"CVE-2024-10821 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10821","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-835","description":"CWE-835 Loop with Unreachable Exit Condition","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10829"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-835: A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and complete denial of service for all users. This vulnerability affects all endpoints processing multipart/form-data requests."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10829"},{"type":"source","label":"https://huntr.com/bounties/e3a4a0ad-a2e0-497f-a2e0-e3c0ec7c4de4","url":"https://huntr.com/bounties/e3a4a0ad-a2e0-497f-a2e0-e3c0ec7c4de4"}],"description":{"lang":"eng","value":"CVE-2024-10829 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10829","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-835","description":"CWE-835 Loop with Unreachable Exit Condition","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10830"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-22: A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint `/v1/resource/file/delete`. This vulnerability allows an attacker to delete any file on the server by manipulating the `file_key` parameter. The `file_key` parameter is not properly sanitized, enabling an attacker to specify arbitrary file paths. If the specified file exists, the application will delete it."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10830"},{"type":"source","label":"https://huntr.com/bounties/26adf08a-9262-4d5a-a2ee-ce12ed919620","url":"https://huntr.com/bounties/26adf08a-9262-4d5a-a2ee-ce12ed919620"}],"description":{"lang":"eng","value":"CVE-2024-10830 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10830","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-22","description":"CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10831"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-36: In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the `file_key` and `doc_file.filename` parameters are user-controllable, enabling the construction of paths outside the intended directory. This can lead to overwriting essential system files, such as SSH keys, for further exploitation."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10831"},{"type":"source","label":"https://huntr.com/bounties/5c34c39f-66d4-414c-ab6a-f7888a5d882a","url":"https://huntr.com/bounties/5c34c39f-66d4-414c-ab6a-f7888a5d882a"}],"description":{"lang":"eng","value":"CVE-2024-10831 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10831","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-36","description":"CWE-36 Absolute Path Traversal","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10833"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-36: eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises because the 'doc_file.filename' parameter is user-controllable, enabling the construction of absolute paths."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10833"},{"type":"source","label":"https://huntr.com/bounties/dc58e981-e325-4c11-b4e1-1095890fd15a","url":"https://huntr.com/bounties/dc58e981-e325-4c11-b4e1-1095890fd15a"}],"description":{"lang":"eng","value":"CVE-2024-10833 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10833","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-36","description":"CWE-36 Absolute Path Traversal","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10834"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-73: eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to `os.path.join`, enabling an attacker to write files to arbitrary locations on the target server. This vulnerability can be exploited by setting the `doc_file.filename` to an absolute path, which can lead to overwriting system files or creating new SSH-key entries."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10834"},{"type":"source","label":"https://huntr.com/bounties/0d598508-151a-4050-9ccd-31bb82955e7a","url":"https://huntr.com/bounties/0d598508-151a-4050-9ccd-31bb82955e7a"}],"description":{"lang":"eng","value":"CVE-2024-10834 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10834","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-73","description":"CWE-73 External Control of File Name or Path","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10835"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-89: In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE)."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10835"},{"type":"source","label":"https://huntr.com/bounties/e32fda74-ca83-431c-8de8-08274ba686c9","url":"https://huntr.com/bounties/e32fda74-ca83-431c-8de8-08274ba686c9"}],"description":{"lang":"eng","value":"CVE-2024-10835 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10835","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10906"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-352: In version 0.6.0 of eosphoros-ai/db-gpt, the `uvicorn` app created by `dbgpt_server` uses an overly permissive instance of `CORSMiddleware` which sets the `Access-Control-Allow-Origin` to `*` for all requests. This configuration makes all endpoints exposed by the server vulnerable to Cross-Site Request Forgery (CSRF). An attacker can exploit this vulnerability to interact with any endpoints of the instance, even if the instance is not publicly exposed to the network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10906"},{"type":"source","label":"https://huntr.com/bounties/8864aca5-a342-4dab-b866-b2882ba6f160","url":"https://huntr.com/bounties/8864aca5-a342-4dab-b866-b2882ba6f160"}],"description":{"lang":"eng","value":"CVE-2024-10906 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10906","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"LOW"},"cwe":[{"cweId":"CWE-352","description":"CWE-352 Cross-Site Request Forgery (CSRF)","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10940"},"affects":{"developer":["langchain-ai"],"deployer":["langchain-ai"],"artifacts":[{"type":"System","name":"langchain-ai/langchain"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-497: A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchain_core.prompts.ImagePromptTemplate's (and by extension langchain_core.prompts.ChatPromptTemplate's) with input variables that can read any user-specified path from the server file system. If the outputs of these prompt templates are exposed to the user, either directly or through downstream model outputs, it can lead to the exposure of sensitive information."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10940"},{"type":"source","label":"https://huntr.com/bounties/be1ee1cb-2147-4ff4-a57b-b6045271cf27","url":"https://huntr.com/bounties/be1ee1cb-2147-4ff4-a57b-b6045271cf27"},{"type":"source","label":"https://github.com/langchain-ai/langchain/commit/c1e742347f9701aadba8920e4d1f79a636e50b68","url":"https://github.com/langchain-ai/langchain/commit/c1e742347f9701aadba8920e4d1f79a636e50b68"}],"description":{"lang":"eng","value":"CVE-2024-10940 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10940","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-497","description":"CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10950"},"affects":{"developer":["binary-husky"],"deployer":["binary-husky"],"artifacts":[{"type":"System","name":"binary-husky/gpt_academic"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: In binary-husky/gpt_academic version <= 3.83, the plugin `CodeInterpreter` is vulnerable to code injection caused by prompt injection. The root cause is the execution of user-provided prompts that generate untrusted code without a sandbox, allowing the execution of parts of the LLM-generated code. This vulnerability can be exploited by an attacker to achieve remote code execution (RCE) on the application backend server, potentially gaining full control of the server."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10950"},{"type":"source","label":"https://huntr.com/bounties/9abb1617-0c1d-42c7-a647-d9d2b39c6866","url":"https://huntr.com/bounties/9abb1617-0c1d-42c7-a647-d9d2b39c6866"}],"description":{"lang":"eng","value":"CVE-2024-10950 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10950","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-94","description":"CWE-94 Improper Control of Generation of Code","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10954"},"affects":{"developer":["binary-husky"],"deployer":["binary-husky"],"artifacts":[{"type":"System","name":"binary-husky/gpt_academic"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability exists due to improper handling of user-provided prompts. The root cause is the execution of untrusted code generated by the LLM without a proper sandbox. This allows an attacker to perform remote code execution (RCE) on the app backend server by injecting malicious code through the prompt."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10954"},{"type":"source","label":"https://huntr.com/bounties/72d034e3-6ca2-495d-98a7-ac9565588c09","url":"https://huntr.com/bounties/72d034e3-6ca2-495d-98a7-ac9565588c09"}],"description":{"lang":"eng","value":"CVE-2024-10954 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10954","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-94","description":"CWE-94 Improper Control of Generation of Code","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11042"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-73: In invoke-ai/invokeai version v5.0.2, the web API `POST /api/v1/images/delete` is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite databases, and configuration files. This can impact the integrity and availability of applications relying on these files."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11042"},{"type":"source","label":"https://huntr.com/bounties/635535a7-c804-4789-ac3a-48d951263987","url":"https://huntr.com/bounties/635535a7-c804-4789-ac3a-48d951263987"},{"type":"source","label":"https://github.com/invoke-ai/invokeai/commit/5440c037674882b2ab7acd59087e9bb04b49657a","url":"https://github.com/invoke-ai/invokeai/commit/5440c037674882b2ab7acd59087e9bb04b49657a"}],"description":{"lang":"eng","value":"CVE-2024-11042 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-11042","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-73","description":"CWE-73 External Control of File Name or Path","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11043"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-400: A Denial of Service (DoS) vulnerability was discovered in the /api/v1/boards/{board_id} endpoint of invoke-ai/invokeai version v5.0.2. This vulnerability occurs when an excessively large payload is sent in the board_name field during a PATCH request. By sending a large payload, the UI becomes unresponsive, rendering it impossible for users to interact with or manage the affected board. Additionally, the option to delete the board becomes inaccessible, amplifying the severity of the issue."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11043"},{"type":"source","label":"https://huntr.com/bounties/9270900a-b8b7-402f-aee5-432d891e5648","url":"https://huntr.com/bounties/9270900a-b8b7-402f-aee5-432d891e5648"}],"description":{"lang":"eng","value":"CVE-2024-11043 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-11043","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11300"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-639: In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a user can access prompt data of another user. This issue affects version 1.6.2 and the main branch. The vulnerability allows unauthorized users to view sensitive prompt data by accessing specific URLs, leading to potential exposure of critical information."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11300"},{"type":"source","label":"https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4","url":"https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd","url":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd"}],"description":{"lang":"eng","value":"CVE-2024-11300 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-11300","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-639","description":"CWE-639 Authorization Bypass Through User-Controlled Key","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11301"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-837: In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator. The lack of database constraints or application-layer validation to prevent duplicates exposes the application to data integrity issues. This vulnerability can result in corrupted data and potentially malicious actions, impairing the system's functionality."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11301"},{"type":"source","label":"https://huntr.com/bounties/3d99aca5-b135-4833-b48b-7806bc4bf861","url":"https://huntr.com/bounties/3d99aca5-b135-4833-b48b-7806bc4bf861"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd","url":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd"}],"description":{"lang":"eng","value":"CVE-2024-11301 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-11301","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-837","description":"CWE-837 Improper Enforcement of a Single, Unique Action","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12029"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-502: A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12029"},{"type":"source","label":"https://huntr.com/bounties/9b790f94-1b1b-4071-bc27-78445d1a87a3","url":"https://huntr.com/bounties/9b790f94-1b1b-4071-bc27-78445d1a87a3"},{"type":"source","label":"https://github.com/invoke-ai/invokeai/commit/756008dc5899081c5aa51e5bd8f24c1b3975a59e","url":"https://github.com/invoke-ai/invokeai/commit/756008dc5899081c5aa51e5bd8f24c1b3975a59e"}],"description":{"lang":"eng","value":"CVE-2024-12029 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-12029","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-502","description":"CWE-502 Deserialization of Untrusted Data","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12606"},"affects":{"developer":["opacewebdesign"],"deployer":["opacewebdesign"],"artifacts":[{"type":"System","name":"AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K)"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the engine_request_data() function in all versions up to, and including, 2.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin settings."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12606"},{"type":"source","label":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4bc4a765-719e-4e99-b7f3-d255e4c019f5?source=cve","url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4bc4a765-719e-4e99-b7f3-d255e4c019f5?source=cve"},{"type":"source","label":"https://plugins.trac.wordpress.org/browser/ai-scribe-the-chatgpt-powered-seo-content-creation-wizard/trunk/article_builder.php#L730","url":"https://plugins.trac.wordpress.org/browser/ai-scribe-the-chatgpt-powered-seo-content-creation-wizard/trunk/article_builder.php#L730"}],"description":{"lang":"eng","value":"CVE-2024-12606 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-12606","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"published_date":"2025-01-10","last_modified_date":"2025-01-10"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12704"},"affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-835: A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12704"},{"type":"source","label":"https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a","url":"https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a"},{"type":"source","label":"https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05","url":"https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05"}],"description":{"lang":"eng","value":"CVE-2024-12704 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-12704","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-835","description":"CWE-835 Loop with Unreachable Exit Condition","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12779"},"affects":{"developer":["infiniflow"],"deployer":["infiniflow"],"artifacts":[{"type":"System","name":"infiniflow/ragflow"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-918: A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the `POST /v1/llm/add_llm` and `POST /v1/conversation/tts` endpoints. Attackers can specify an arbitrary URL as the `api_base` when adding an `OPENAITTS` model, and subsequently access the `tts` REST API endpoint to read contents from the specified URL. This can lead to unauthorized access to internal web resources."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12779"},{"type":"source","label":"https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0","url":"https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0"}],"description":{"lang":"eng","value":"CVE-2024-12779 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-12779","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-918","description":"CWE-918 Server-Side Request Forgery (SSRF)","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12909"},"affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-89: A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for SQL injection in the `run_sql_query` function of the `database_agent`. This vulnerability can be exploited by an attacker to inject arbitrary SQL queries, leading to remote code execution (RCE) through the use of PostgreSQL's large object functionality. The issue is fixed in version 0.3.0."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12909"},{"type":"source","label":"https://huntr.com/bounties/44e8177f-200a-4ba3-a12c-8bc21e313a3f","url":"https://huntr.com/bounties/44e8177f-200a-4ba3-a12c-8bc21e313a3f"},{"type":"source","label":"https://github.com/run-llama/llama_index/commit/5d03c175476452db9b8abcdb7d5767dd7b310a75","url":"https://github.com/run-llama/llama_index/commit/5d03c175476452db9b8abcdb7d5767dd7b310a75"}],"description":{"lang":"eng","value":"CVE-2024-12909 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-12909","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12911"},"affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-89: A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12911"},{"type":"source","label":"https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3","url":"https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"},{"type":"source","label":"https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e","url":"https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e"}],"description":{"lang":"eng","value":"CVE-2024-12911 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-12911","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-49785"},"affects":{"developer":["IBM"],"deployer":["IBM"],"artifacts":[{"type":"System","name":"watsonx.ai"},{"type":"System","name":"watsonx.ai on Cloud Pak for Data"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-79: IBM watsonx.ai 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-49785"},{"type":"source","label":"https://www.ibm.com/support/pages/node/7180723","url":"https://www.ibm.com/support/pages/node/7180723"}],"description":{"lang":"eng","value":"CVE-2024-49785 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-49785","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-79","description":"CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')","lang":"en"}]},"published_date":"2025-01-12","last_modified_date":"2025-01-13"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-6838"},"affects":{"developer":["mlflow"],"deployer":["mlflow"],"artifacts":[{"type":"System","name":"mlflow/mlflow"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-400: In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in its name due to the lack of a limit on the experiment name. This can cause the MLflow UI panel to become unresponsive, leading to a potential denial of service. Additionally, there is no character limit in the `artifact_location` parameter while creating the experiment."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-6838"},{"type":"source","label":"https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0","url":"https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0"}],"description":{"lang":"eng","value":"CVE-2024-6838 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-6838","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"cwe":[{"cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-6842"},"affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-306: In version 1.5.5 of mintplex-labs/anything-llm, the `/setup-complete` API endpoint allows unauthorized users to access sensitive system settings. The data returned by the `currentSettings` function includes sensitive information such as API keys for search engines, which can be exploited by attackers to steal these keys and cause loss of user assets."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-6842"},{"type":"source","label":"https://huntr.com/bounties/cd911fc7-ac6b-4974-acd0-9cc926fa8d9e","url":"https://huntr.com/bounties/cd911fc7-ac6b-4974-acd0-9cc926fa8d9e"},{"type":"source","label":"https://github.com/mintplex-labs/anything-llm/commit/8b1ceb30c159cf3a10efa16275bc6849d84e4ea8","url":"https://github.com/mintplex-labs/anything-llm/commit/8b1ceb30c159cf3a10efa16275bc6849d84e4ea8"}],"description":{"lang":"eng","value":"CVE-2024-6842 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-6842","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-306","description":"CWE-306 Missing Authentication for Critical Function","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-8999"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST /api/v1/data-warehouse/bigquery endpoint. This vulnerability allows any user to export the entire database data by creating a stream to Google BigQuery without proper authentication or authorization. The issue is fixed in version 1.4.26."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-8999"},{"type":"source","label":"https://huntr.com/bounties/d42b7a44-0dcb-4ef0-b15c-d0e558da65c6","url":"https://huntr.com/bounties/d42b7a44-0dcb-4ef0-b15c-d0e558da65c6"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/aa0fd22952d1d84a717ae563eb1ab564d94a9e2b","url":"https://github.com/lunary-ai/lunary/commit/aa0fd22952d1d84a717ae563eb1ab564d94a9e2b"}],"description":{"lang":"eng","value":"CVE-2024-8999 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-8999","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-9000"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary before version 1.4.26, the checklists.post() endpoint allows users to create or modify checklists without validating whether the user has proper permissions. This missing access control permits unauthorized users to create checklists, bypassing intended permission checks. Additionally, the endpoint does not validate the uniqueness of the slug field when creating a new checklist, allowing an attacker to spoof existing checklists by reusing the slug of an already-existing checklist. This can lead to significant data integrity issues, as legitimate checklists can be replaced with malicious or altered data."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-9000"},{"type":"source","label":"https://huntr.com/bounties/f5fca549-0a4a-4f64-8ccf-d4e108856da4","url":"https://huntr.com/bounties/f5fca549-0a4a-4f64-8ccf-d4e108856da4"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/a02861ef9bb6ce860a35f7b8f178d58859cd85f0","url":"https://github.com/lunary-ai/lunary/commit/a02861ef9bb6ce860a35f7b8f178d58859cd85f0"}],"description":{"lang":"eng","value":"CVE-2024-9000 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-9000","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-1550"},"affects":{"developer":["Google"],"deployer":["Google"],"artifacts":[{"type":"System","name":"Keras"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, to be loaded and executed during model loading."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1550"},{"type":"source","label":"https://github.com/keras-team/keras/pull/20751","url":"https://github.com/keras-team/keras/pull/20751"},{"type":"source","label":"https://towerofhanoi.it/writeups/cve-2025-1550/","url":"https://towerofhanoi.it/writeups/cve-2025-1550/"}],"description":{"lang":"eng","value":"CVE-2025-1550 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-1550","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-94","description":"CWE-94: Improper Control of Generation of Code ('Code Injection')","lang":"en"}]},"published_date":"2025-03-11","last_modified_date":"2025-07-24"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-1716"},"affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-184: picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a malicious PyPI package (hosted, for example, on pypi.org or GitHub) via `pip.main()`. Because pip is not a restricted global, the model, when scanned with picklescan, would pass security checks and appear to be safe, when it could instead prove to be problematic."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1716"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1716","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1716"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/commit/78ce704227c51f070c0c5fb4b466d92c62a7aa3d","url":"https://github.com/mmaitre314/picklescan/commit/78ce704227c51f070c0c5fb4b466d92c62a7aa3d"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v"}],"description":{"lang":"eng","value":"CVE-2025-1716 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-1716","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-184","description":"CWE-184 Incomplete List of Disallowed Inputs","lang":"en"}]},"published_date":"2025-02-26","last_modified_date":"2025-03-03"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-1889"},"affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-646: picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pickle file with a non-standard file extension. Because the malicious pickle file inclusion is not considered as part of the scope of picklescan, the file would pass security checks and appear to be safe, when it could instead prove to be problematic."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1889"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1889","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1889"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v"}],"description":{"lang":"eng","value":"CVE-2025-1889 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-1889","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-646","description":"CWE-646 Reliance on File Name or Extension of Externally-Supplied File","lang":"en"}]},"published_date":"2025-03-03","last_modified_date":"2025-03-04"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-1944"},"affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-345: picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise a BadZipFile error. However, PyTorch's more forgiving ZIP implementation still allows the model to be loaded, enabling malicious payloads to bypass detection."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1944"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1944","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1944"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7q5r-7gvp-wc82","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7q5r-7gvp-wc82"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781","url":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781"}],"description":{"lang":"eng","value":"CVE-2025-1944 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-1944","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-345","description":"CWE-345 Insufficient Verification of Data Authenticity","lang":"en"}]},"published_date":"2025-03-10","last_modified_date":"2025-03-10"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-1945"},"affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-345: picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully loaded by PyTorch's torch.load(). This can lead to arbitrary code execution when loading a compromised model."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1945"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1945","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1945"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-w8jq-xcqf-f792","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-w8jq-xcqf-f792"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781","url":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781"}],"description":{"lang":"eng","value":"CVE-2025-1945 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-1945","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-345","description":"CWE-345 Insufficient Verification of Data Authenticity","lang":"en"}]},"published_date":"2025-03-10","last_modified_date":"2025-03-10"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2129"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"Mage AI"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-1188: A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. After 7 months of repeated follow-ups by the researcher, Mage AI has decided to not accept this issue as a valid security vulnerability and has confirmed that they will not be addressing it."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2129"},{"type":"source","label":"https://vuldb.com/?id.299049","url":"https://vuldb.com/?id.299049"},{"type":"source","label":"https://vuldb.com/?ctiid.299049","url":"https://vuldb.com/?ctiid.299049"},{"type":"source","label":"https://vuldb.com/?submit.510690","url":"https://vuldb.com/?submit.510690"},{"type":"source","label":"https://github.com/zn9988/publications/blob/main/2.Mage-AI%20-%20Insecure%20Default%20Authentication%20Setup%20Leading%20to%20Zero-Click%20RCE/README.md","url":"https://github.com/zn9988/publications/blob/main/2.Mage-AI%20-%20Insecure%20Default%20Authentication%20Setup%20Leading%20to%20Zero-Click%20RCE/README.md"}],"description":{"lang":"eng","value":"CVE-2025-2129 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-2129","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.6,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-1188","description":"Insecure Default Initialization of Resource","lang":"en"}]},"published_date":"2025-03-09","last_modified_date":"2025-03-10"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-21396"},"affects":{"developer":["Microsoft"],"deployer":["Microsoft"],"artifacts":[{"type":"System","name":"Microsoft Account"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges over a network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-21396"},{"type":"source","label":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21396","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21396"}],"description":{"lang":"eng","value":"CVE-2025-21396 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-21396","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C","baseScore":8.2,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-862","description":"CWE-862: Missing Authorization","lang":"en-US"}]},"published_date":"2025-01-29","last_modified_date":"2025-09-09"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-21415"},"affects":{"developer":["Microsoft"],"deployer":["Microsoft"],"artifacts":[{"type":"System","name":"Azure AI Face Service"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-290: Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-21415"},{"type":"source","label":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21415","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21415"}],"description":{"lang":"eng","value":"CVE-2025-21415 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-21415","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C","baseScore":9.9,"baseSeverity":"CRITICAL"},"cwe":[{"cweId":"CWE-290","description":"CWE-290: Authentication Bypass by Spoofing","lang":"en-US"}]},"published_date":"2025-01-29","last_modified_date":"2025-09-09"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-23359"},"affects":{"developer":["NVIDIA"],"deployer":["NVIDIA"],"artifacts":[{"type":"System","name":"Container Toolkit"},{"type":"System","name":"GPU Operator"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-367: NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-23359"},{"type":"source","label":"https://nvidia.custhelp.com/app/answers/detail/a_id/5616","url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5616"}],"description":{"lang":"eng","value":"CVE-2025-23359 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-23359","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-367","description":"CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition","lang":"en"}]},"published_date":"2025-02-12","last_modified_date":"2025-04-11"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2450"},"affects":{"developer":["NI"],"deployer":["NI"],"artifacts":[{"type":"System","name":"Vision Builder AI"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-356: NI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Vision Builder AI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of VBAI files. The issue results from allowing the execution of dangerous script without user warning. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22833."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2450"},{"type":"source","label":"https://www.zerodayinitiative.com/advisories/ZDI-25-147/","url":"https://www.zerodayinitiative.com/advisories/ZDI-25-147/"}],"description":{"lang":"eng","value":"CVE-2025-2450 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-2450","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-356","description":"CWE-356: Product UI does not Warn User of Unsafe Actions","lang":"en"}]},"published_date":"2025-03-18","last_modified_date":"2025-03-18"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-24986"},"affects":{"developer":["Microsoft"],"deployer":["Microsoft"],"artifacts":[{"type":"System","name":"Azure promptflow-core"},{"type":"System","name":"Azure promptflow-tools"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-653: Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-24986"},{"type":"source","label":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24986","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24986"}],"description":{"lang":"eng","value":"CVE-2025-24986 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-24986","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C","baseScore":6.5,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-653","description":"CWE-653: Improper Isolation or Compartmentalization","lang":"en-US"}]},"published_date":"2025-03-11","last_modified_date":"2025-05-19"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-27520"},"affects":{"developer":["bentoml"],"deployer":["bentoml"],"artifacts":[{"type":"System","name":"BentoML"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-502: BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution (RCE) vulnerability caused by insecure deserialization has been identified in the latest version (v1.4.2) of BentoML. It allows any unauthenticated user to execute arbitrary code on the server. It exists an unsafe code segment in serde.py. This vulnerability is fixed in 1.4.3."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-27520"},{"type":"source","label":"https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc","url":"https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc"},{"type":"source","label":"https://github.com/bentoml/BentoML/commit/b35f4f4fcc53a8c3fe8ed9c18a013fe0a728e194","url":"https://github.com/bentoml/BentoML/commit/b35f4f4fcc53a8c3fe8ed9c18a013fe0a728e194"}],"description":{"lang":"eng","value":"CVE-2025-27520 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-27520","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-502","description":"CWE-502: Deserialization of Untrusted Data","lang":"en"}]},"published_date":"2025-04-04","last_modified_date":"2025-04-04"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2867"},"affects":{"developer":["GitLab"],"deployer":["GitLab"],"artifacts":[{"type":"System","name":"GitLab"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized users."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2867"},{"type":"source","label":"https://gitlab.com/gitlab-org/gitlab/-/issues/512509","url":"https://gitlab.com/gitlab-org/gitlab/-/issues/512509"}],"description":{"lang":"eng","value":"CVE-2025-2867 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-2867","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-94","description":"CWE-94: Improper Control of Generation of Code ('Code Injection')","lang":"en"}]},"published_date":"2025-03-27","last_modified_date":"2025-03-27"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2998"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.pad_packed_sequence. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2998"},{"type":"source","label":"https://vuldb.com/?id.302047","url":"https://vuldb.com/?id.302047"},{"type":"source","label":"https://vuldb.com/?ctiid.302047","url":"https://vuldb.com/?ctiid.302047"},{"type":"source","label":"https://vuldb.com/?submit.524151","url":"https://vuldb.com/?submit.524151"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622","url":"https://github.com/pytorch/pytorch/issues/149622"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265","url":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265"}],"description":{"lang":"eng","value":"CVE-2025-2998 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-2998","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"published_date":"2025-03-31","last_modified_date":"2025-03-31"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2999"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpack_sequence. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2999"},{"type":"source","label":"https://vuldb.com/?id.302048","url":"https://vuldb.com/?id.302048"},{"type":"source","label":"https://vuldb.com/?ctiid.302048","url":"https://vuldb.com/?ctiid.302048"},{"type":"source","label":"https://vuldb.com/?submit.524198","url":"https://vuldb.com/?submit.524198"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622","url":"https://github.com/pytorch/pytorch/issues/149622"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265","url":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265"}],"description":{"lang":"eng","value":"CVE-2025-2999 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-2999","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"published_date":"2025-03-31","last_modified_date":"2025-03-31"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3000"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3000"},{"type":"source","label":"https://vuldb.com/?id.302049","url":"https://vuldb.com/?id.302049"},{"type":"source","label":"https://vuldb.com/?ctiid.302049","url":"https://vuldb.com/?ctiid.302049"},{"type":"source","label":"https://vuldb.com/?submit.524197","url":"https://vuldb.com/?submit.524197"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149623","url":"https://github.com/pytorch/pytorch/issues/149623"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149623#issue-2935703015","url":"https://github.com/pytorch/pytorch/issues/149623#issue-2935703015"}],"description":{"lang":"eng","value":"CVE-2025-3000 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3000","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"published_date":"2025-03-31","last_modified_date":"2025-03-31"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3001"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3001"},{"type":"source","label":"https://vuldb.com/?id.302050","url":"https://vuldb.com/?id.302050"},{"type":"source","label":"https://vuldb.com/?ctiid.302050","url":"https://vuldb.com/?ctiid.302050"},{"type":"source","label":"https://vuldb.com/?submit.524212","url":"https://vuldb.com/?submit.524212"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149626","url":"https://github.com/pytorch/pytorch/issues/149626"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149626#issue-2935860995","url":"https://github.com/pytorch/pytorch/issues/149626#issue-2935860995"}],"description":{"lang":"eng","value":"CVE-2025-3001 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3001","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"published_date":"2025-03-31","last_modified_date":"2025-03-31"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3035"},"affects":{"developer":["Mozilla"],"deployer":["Mozilla"],"artifacts":[{"type":"System","name":"Firefox"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability affects Firefox < 137."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3035"},{"type":"source","label":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952268","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952268"},{"type":"source","label":"https://www.mozilla.org/security/advisories/mfsa2025-20/","url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"}],"description":{"lang":"eng","value":"CVE-2025-3035 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3035","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}},"published_date":"2025-04-01","last_modified_date":"2025-04-10"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3121"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3121"},{"type":"source","label":"https://vuldb.com/?id.303012","url":"https://vuldb.com/?id.303012"},{"type":"source","label":"https://vuldb.com/?ctiid.303012","url":"https://vuldb.com/?ctiid.303012"},{"type":"source","label":"https://vuldb.com/?submit.525049","url":"https://vuldb.com/?submit.525049"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149800","url":"https://github.com/pytorch/pytorch/issues/149800"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149800#issue-2940240700","url":"https://github.com/pytorch/pytorch/issues/149800#issue-2940240700"}],"description":{"lang":"eng","value":"CVE-2025-3121 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3121","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"published_date":"2025-04-02","last_modified_date":"2025-04-03"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3136"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3136"},{"type":"source","label":"https://vuldb.com/?id.303041","url":"https://vuldb.com/?id.303041"},{"type":"source","label":"https://vuldb.com/?ctiid.303041","url":"https://vuldb.com/?ctiid.303041"},{"type":"source","label":"https://vuldb.com/?submit.525252","url":"https://vuldb.com/?submit.525252"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149821","url":"https://github.com/pytorch/pytorch/issues/149821"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149821#issuecomment-2765311086","url":"https://github.com/pytorch/pytorch/issues/149821#issuecomment-2765311086"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149821#issue-2940838975","url":"https://github.com/pytorch/pytorch/issues/149821#issue-2940838975"}],"description":{"lang":"eng","value":"CVE-2025-3136 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3136","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"published_date":"2025-04-03","last_modified_date":"2025-04-03"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3199"},"affects":{"developer":["ageerle"],"deployer":["ageerle"],"artifacts":[{"type":"System","name":"ruoyi-ai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-285, CWE-266: A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and classified as critical. Affected by this issue is some unknown functionality of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysModelController.java of the component API Interface. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.2 is able to address this issue. The name of the patch is c0daf641fb25b244591b7a6c3affa35c69d321fe. It is recommended to upgrade the affected component."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3199"},{"type":"source","label":"https://vuldb.com/?id.303152","url":"https://vuldb.com/?id.303152"},{"type":"source","label":"https://vuldb.com/?ctiid.303152","url":"https://vuldb.com/?ctiid.303152"},{"type":"source","label":"https://vuldb.com/?submit.545830","url":"https://vuldb.com/?submit.545830"},{"type":"source","label":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_01.md","url":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_01.md"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/issues/43#issuecomment-2763091490","url":"https://github.com/ageerle/ruoyi-ai/issues/43#issuecomment-2763091490"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/issues/43","url":"https://github.com/ageerle/ruoyi-ai/issues/43"},{"type":"source","label":"https://github.com/gwozai/ruoyi-ai/commit/c0daf641fb25b244591b7a6c3affa35c69d321fe","url":"https://github.com/gwozai/ruoyi-ai/commit/c0daf641fb25b244591b7a6c3affa35c69d321fe"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.2","url":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.2"}],"description":{"lang":"eng","value":"CVE-2025-3199 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3199","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-285","description":"Improper Authorization","lang":"en"},{"cweId":"CWE-266","description":"Incorrect Privilege Assignment","lang":"en"}]},"published_date":"2025-04-04","last_modified_date":"2025-04-04"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-32018"},"affects":{"developer":["getcursor"],"deployer":["getcursor"],"artifacts":[{"type":"System","name":"cursor"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-22: Cursor is a code editor built for programming with AI. In versions 0.45.0 through 0.48.6, the Cursor app introduced a regression affecting the set of file paths the Cursor Agent is permitted to modify automatically. Under specific conditions, the agent could be prompted, either directly by the user or via maliciously crafted context, to automatically write to files outside of the opened workspace. This behavior required deliberate prompting, making successful exploitation highly impractical in real-world scenarios. Furthermore, the edited file was still displayed in the UI as usual for user review, making it unlikely for the edit to go unnoticed by the user. This vulnerability is fixed in 0.48.7."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-32018"},{"type":"source","label":"https://github.com/getcursor/cursor/security/advisories/GHSA-qjh8-mh96-fc86","url":"https://github.com/getcursor/cursor/security/advisories/GHSA-qjh8-mh96-fc86"}],"description":{"lang":"eng","value":"CVE-2025-32018 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-32018","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-22","description":"CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","lang":"en"}]},"published_date":"2025-04-08","last_modified_date":"2025-04-08"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3202"},"affects":{"developer":["ageerle"],"deployer":["ageerle"],"artifacts":[{"type":"System","name":"ruoyi-ai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-285, CWE-266: A vulnerability classified as critical has been found in ageerle ruoyi-ai up to 2.0.0. Affected is an unknown function of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysNoticeController.java. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is 6382e177bf90cc56ff70521842409e35c50df32d. It is recommended to upgrade the affected component."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3202"},{"type":"source","label":"https://vuldb.com/?id.303156","url":"https://vuldb.com/?id.303156"},{"type":"source","label":"https://vuldb.com/?ctiid.303156","url":"https://vuldb.com/?ctiid.303156"},{"type":"source","label":"https://vuldb.com/?submit.545866","url":"https://vuldb.com/?submit.545866"},{"type":"source","label":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_02.md","url":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_02.md"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/issues/44#issue-2957771318","url":"https://github.com/ageerle/ruoyi-ai/issues/44#issue-2957771318"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/commit/6382e177bf90cc56ff70521842409e35c50df32d","url":"https://github.com/ageerle/ruoyi-ai/commit/6382e177bf90cc56ff70521842409e35c50df32d"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.1","url":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.1"}],"description":{"lang":"eng","value":"CVE-2025-3202 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3202","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-285","description":"Improper Authorization","lang":"en"},{"cweId":"CWE-266","description":"Incorrect Privilege Assignment","lang":"en"}]},"published_date":"2025-04-04","last_modified_date":"2025-04-04"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-32375"},"affects":{"developer":["bentoml"],"deployer":["bentoml"],"artifacts":[{"type":"System","name":"BentoML"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-502: BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.8, there was an insecure deserialization in BentoML's runner server. By setting specific headers and parameters in the POST request, it is possible to execute any unauthorized arbitrary code on the server, which will grant the attackers to have the initial access and information disclosure on the server. This vulnerability is fixed in 1.4.8."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-32375"},{"type":"source","label":"https://github.com/bentoml/BentoML/security/advisories/GHSA-7v4r-c989-xh26","url":"https://github.com/bentoml/BentoML/security/advisories/GHSA-7v4r-c989-xh26"}],"description":{"lang":"eng","value":"CVE-2025-32375 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-32375","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-502","description":"CWE-502: Deserialization of Untrusted Data","lang":"en"}]},"published_date":"2025-04-09","last_modified_date":"2025-04-09"} +{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3248"},"affects":{"developer":["langflow-ai"],"deployer":["langflow-ai"],"artifacts":[{"type":"System","name":"langflow"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-306: Langflow versions prior to 1.3.0 are susceptible to code injection in \nthe /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary\ncode."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3248"},{"type":"source","label":"https://github.com/langflow-ai/langflow/pull/6911","url":"https://github.com/langflow-ai/langflow/pull/6911"},{"type":"source","label":"https://github.com/langflow-ai/langflow/releases/tag/1.3.0","url":"https://github.com/langflow-ai/langflow/releases/tag/1.3.0"},{"type":"source","label":"https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/","url":"https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/"},{"type":"source","label":"https://www.vulncheck.com/advisories/langflow-unauthenticated-rce","url":"https://www.vulncheck.com/advisories/langflow-unauthenticated-rce"}],"description":{"lang":"eng","value":"CVE-2025-3248 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3248","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-306","description":"CWE-306 Missing Authentication for Critical Function","lang":"en"}]},"published_date":"2025-04-07","last_modified_date":"2025-11-29"} diff --git a/mileva_reports.jsonl b/mileva_reports.jsonl new file mode 100644 index 0000000..98cd997 --- /dev/null +++ b/mileva_reports.jsonl @@ -0,0 +1,58 @@ +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["NVIDIA"],"deployer":["NVIDIA"],"artifacts":[{"type":"System","name":"Container Toolkit"},{"type":"System","name":"GPU Operator"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-367: NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-0132"},{"type":"source","label":"https://nvidia.custhelp.com/app/answers/detail/a_id/5582","url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5582"}],"description":{"lang":"eng","value":"CVE-2024-0132 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-367","description":"CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition","lang":"en"}]},"reported_date":"2024-09-26"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-863: A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low privilege users to access the sensitive API endpoint \"/api/system/custom-models\". This access enables them to modify the model's API key and base path, leading to potential API key leakage and denial of service on chats."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10109"},{"type":"source","label":"https://huntr.com/bounties/ad3c9e76-679d-4775-b203-96947ff73551","url":"https://huntr.com/bounties/ad3c9e76-679d-4775-b203-96947ff73551"},{"type":"source","label":"https://github.com/mintplex-labs/anything-llm/commit/8d302c3f670c582b09d47e96132c248101447a11","url":"https://github.com/mintplex-labs/anything-llm/commit/8d302c3f670c582b09d47e96132c248101447a11"}],"description":{"lang":"eng","value":"CVE-2024-10109 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-863","description":"CWE-863 Incorrect Authorization","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-863: In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with viewer roles to modify models owned by others. The PATCH endpoint for models does not have appropriate privilege checks, enabling low-privilege users to update models they should not have access to modify. This vulnerability could lead to unauthorized changes in critical resources, affecting the integrity and reliability of the system."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10273"},{"type":"source","label":"https://huntr.com/bounties/883d9fe2-5730-41e1-a5c2-59972489876e","url":"https://huntr.com/bounties/883d9fe2-5730-41e1-a5c2-59972489876e"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"CVE-2024-10273 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-863","description":"CWE-863 Incorrect Authorization","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: An improper authorization vulnerability exists in lunary-ai/lunary version 1.5.5. The /users/me/org endpoint lacks adequate access control mechanisms, allowing unauthorized users to access sensitive information about all team members in the current organization. This vulnerability can lead to the disclosure of sensitive information such as names, roles, or emails to users without sufficient privileges, resulting in privacy violations and potential reconnaissance for targeted attacks."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10274"},{"type":"source","label":"https://huntr.com/bounties/506459c1-da60-45c5-a10d-8bd540a4b4c1","url":"https://huntr.com/bounties/506459c1-da60-45c5-a10d-8bd540a4b4c1"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"CVE-2024-10274 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary version 1.5.6, the `/v1/evaluators/` endpoint lacks proper access control, allowing any user associated with a project to fetch all evaluator data regardless of their role. This vulnerability permits low-privilege users to access potentially sensitive evaluation data."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10330"},{"type":"source","label":"https://huntr.com/bounties/598ecd65-1723-4fb7-a9aa-9c4f56a5a2aa","url":"https://huntr.com/bounties/598ecd65-1723-4fb7-a9aa-9c4f56a5a2aa"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"CVE-2024-10330 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-23: A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs/anything-llm, affecting the latest version prior to 1.2.2. This vulnerability allows users with the 'manager' role to access and manipulate the 'anythingllm.db' database file. By exploiting the vulnerable endpoint '/api/document/move-files', an attacker can move the database file to a publicly accessible directory, download it, and subsequently delete it. This can lead to unauthorized access to sensitive data, privilege escalation, and potential data loss."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10513"},{"type":"source","label":"https://huntr.com/bounties/ad11cecf-161a-4fb1-986f-6f88272cbb9e","url":"https://huntr.com/bounties/ad11cecf-161a-4fb1-986f-6f88272cbb9e"},{"type":"source","label":"https://github.com/mintplex-labs/anything-llm/commit/47a5c7126c20e2277ee56e2c7ee11990886a40a7","url":"https://github.com/mintplex-labs/anything-llm/commit/47a5c7126c20e2277ee56e2c7ee11990886a40a7"}],"description":{"lang":"eng","value":"CVE-2024-10513 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-23","description":"CWE-23 Relative Path Traversal","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks proper access control, such as middleware to ensure that only users with appropriate roles can delete evaluator data. This vulnerability allows low-privilege users to delete evaluators data, causing permanent data loss and potentially hindering operations."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10762"},{"type":"source","label":"https://huntr.com/bounties/23ab508e-d956-4861-b28f-0569d3b404a6","url":"https://huntr.com/bounties/23ab508e-d956-4861-b28f-0569d3b404a6"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/91587496673da24cb7ddedfbbd6e602592b20ef6","url":"https://github.com/lunary-ai/lunary/commit/91587496673da24cb7ddedfbbd6e602592b20ef6"}],"description":{"lang":"eng","value":"CVE-2024-10762 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-835: A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server (version v5.0.1) allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and a complete denial of service for all users. The affected endpoint is `/api/v1/images/upload`."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10821"},{"type":"source","label":"https://huntr.com/bounties/0ac24835-c4c0-4f11-938a-d5641dfb80b2","url":"https://huntr.com/bounties/0ac24835-c4c0-4f11-938a-d5641dfb80b2"}],"description":{"lang":"eng","value":"CVE-2024-10821 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-835","description":"CWE-835 Loop with Unreachable Exit Condition","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-835: A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and complete denial of service for all users. This vulnerability affects all endpoints processing multipart/form-data requests."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10829"},{"type":"source","label":"https://huntr.com/bounties/e3a4a0ad-a2e0-497f-a2e0-e3c0ec7c4de4","url":"https://huntr.com/bounties/e3a4a0ad-a2e0-497f-a2e0-e3c0ec7c4de4"}],"description":{"lang":"eng","value":"CVE-2024-10829 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-835","description":"CWE-835 Loop with Unreachable Exit Condition","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-22: A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint `/v1/resource/file/delete`. This vulnerability allows an attacker to delete any file on the server by manipulating the `file_key` parameter. The `file_key` parameter is not properly sanitized, enabling an attacker to specify arbitrary file paths. If the specified file exists, the application will delete it."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10830"},{"type":"source","label":"https://huntr.com/bounties/26adf08a-9262-4d5a-a2ee-ce12ed919620","url":"https://huntr.com/bounties/26adf08a-9262-4d5a-a2ee-ce12ed919620"}],"description":{"lang":"eng","value":"CVE-2024-10830 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-22","description":"CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-36: In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the `file_key` and `doc_file.filename` parameters are user-controllable, enabling the construction of paths outside the intended directory. This can lead to overwriting essential system files, such as SSH keys, for further exploitation."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10831"},{"type":"source","label":"https://huntr.com/bounties/5c34c39f-66d4-414c-ab6a-f7888a5d882a","url":"https://huntr.com/bounties/5c34c39f-66d4-414c-ab6a-f7888a5d882a"}],"description":{"lang":"eng","value":"CVE-2024-10831 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-36","description":"CWE-36 Absolute Path Traversal","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-36: eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises because the 'doc_file.filename' parameter is user-controllable, enabling the construction of absolute paths."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10833"},{"type":"source","label":"https://huntr.com/bounties/dc58e981-e325-4c11-b4e1-1095890fd15a","url":"https://huntr.com/bounties/dc58e981-e325-4c11-b4e1-1095890fd15a"}],"description":{"lang":"eng","value":"CVE-2024-10833 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-36","description":"CWE-36 Absolute Path Traversal","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-73: eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to `os.path.join`, enabling an attacker to write files to arbitrary locations on the target server. This vulnerability can be exploited by setting the `doc_file.filename` to an absolute path, which can lead to overwriting system files or creating new SSH-key entries."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10834"},{"type":"source","label":"https://huntr.com/bounties/0d598508-151a-4050-9ccd-31bb82955e7a","url":"https://huntr.com/bounties/0d598508-151a-4050-9ccd-31bb82955e7a"}],"description":{"lang":"eng","value":"CVE-2024-10834 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-73","description":"CWE-73 External Control of File Name or Path","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-89: In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE)."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10835"},{"type":"source","label":"https://huntr.com/bounties/e32fda74-ca83-431c-8de8-08274ba686c9","url":"https://huntr.com/bounties/e32fda74-ca83-431c-8de8-08274ba686c9"}],"description":{"lang":"eng","value":"CVE-2024-10835 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-352: In version 0.6.0 of eosphoros-ai/db-gpt, the `uvicorn` app created by `dbgpt_server` uses an overly permissive instance of `CORSMiddleware` which sets the `Access-Control-Allow-Origin` to `*` for all requests. This configuration makes all endpoints exposed by the server vulnerable to Cross-Site Request Forgery (CSRF). An attacker can exploit this vulnerability to interact with any endpoints of the instance, even if the instance is not publicly exposed to the network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10906"},{"type":"source","label":"https://huntr.com/bounties/8864aca5-a342-4dab-b866-b2882ba6f160","url":"https://huntr.com/bounties/8864aca5-a342-4dab-b866-b2882ba6f160"}],"description":{"lang":"eng","value":"CVE-2024-10906 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"LOW"},"cwe":[{"cweId":"CWE-352","description":"CWE-352 Cross-Site Request Forgery (CSRF)","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["langchain-ai"],"deployer":["langchain-ai"],"artifacts":[{"type":"System","name":"langchain-ai/langchain"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-497: A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchain_core.prompts.ImagePromptTemplate's (and by extension langchain_core.prompts.ChatPromptTemplate's) with input variables that can read any user-specified path from the server file system. If the outputs of these prompt templates are exposed to the user, either directly or through downstream model outputs, it can lead to the exposure of sensitive information."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10940"},{"type":"source","label":"https://huntr.com/bounties/be1ee1cb-2147-4ff4-a57b-b6045271cf27","url":"https://huntr.com/bounties/be1ee1cb-2147-4ff4-a57b-b6045271cf27"},{"type":"source","label":"https://github.com/langchain-ai/langchain/commit/c1e742347f9701aadba8920e4d1f79a636e50b68","url":"https://github.com/langchain-ai/langchain/commit/c1e742347f9701aadba8920e4d1f79a636e50b68"}],"description":{"lang":"eng","value":"CVE-2024-10940 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-497","description":"CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["binary-husky"],"deployer":["binary-husky"],"artifacts":[{"type":"System","name":"binary-husky/gpt_academic"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: In binary-husky/gpt_academic version <= 3.83, the plugin `CodeInterpreter` is vulnerable to code injection caused by prompt injection. The root cause is the execution of user-provided prompts that generate untrusted code without a sandbox, allowing the execution of parts of the LLM-generated code. This vulnerability can be exploited by an attacker to achieve remote code execution (RCE) on the application backend server, potentially gaining full control of the server."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10950"},{"type":"source","label":"https://huntr.com/bounties/9abb1617-0c1d-42c7-a647-d9d2b39c6866","url":"https://huntr.com/bounties/9abb1617-0c1d-42c7-a647-d9d2b39c6866"}],"description":{"lang":"eng","value":"CVE-2024-10950 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-94","description":"CWE-94 Improper Control of Generation of Code","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["binary-husky"],"deployer":["binary-husky"],"artifacts":[{"type":"System","name":"binary-husky/gpt_academic"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability exists due to improper handling of user-provided prompts. The root cause is the execution of untrusted code generated by the LLM without a proper sandbox. This allows an attacker to perform remote code execution (RCE) on the app backend server by injecting malicious code through the prompt."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10954"},{"type":"source","label":"https://huntr.com/bounties/72d034e3-6ca2-495d-98a7-ac9565588c09","url":"https://huntr.com/bounties/72d034e3-6ca2-495d-98a7-ac9565588c09"}],"description":{"lang":"eng","value":"CVE-2024-10954 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-94","description":"CWE-94 Improper Control of Generation of Code","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-73: In invoke-ai/invokeai version v5.0.2, the web API `POST /api/v1/images/delete` is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite databases, and configuration files. This can impact the integrity and availability of applications relying on these files."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11042"},{"type":"source","label":"https://huntr.com/bounties/635535a7-c804-4789-ac3a-48d951263987","url":"https://huntr.com/bounties/635535a7-c804-4789-ac3a-48d951263987"},{"type":"source","label":"https://github.com/invoke-ai/invokeai/commit/5440c037674882b2ab7acd59087e9bb04b49657a","url":"https://github.com/invoke-ai/invokeai/commit/5440c037674882b2ab7acd59087e9bb04b49657a"}],"description":{"lang":"eng","value":"CVE-2024-11042 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-73","description":"CWE-73 External Control of File Name or Path","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-400: A Denial of Service (DoS) vulnerability was discovered in the /api/v1/boards/{board_id} endpoint of invoke-ai/invokeai version v5.0.2. This vulnerability occurs when an excessively large payload is sent in the board_name field during a PATCH request. By sending a large payload, the UI becomes unresponsive, rendering it impossible for users to interact with or manage the affected board. Additionally, the option to delete the board becomes inaccessible, amplifying the severity of the issue."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11043"},{"type":"source","label":"https://huntr.com/bounties/9270900a-b8b7-402f-aee5-432d891e5648","url":"https://huntr.com/bounties/9270900a-b8b7-402f-aee5-432d891e5648"}],"description":{"lang":"eng","value":"CVE-2024-11043 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-639: In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a user can access prompt data of another user. This issue affects version 1.6.2 and the main branch. The vulnerability allows unauthorized users to view sensitive prompt data by accessing specific URLs, leading to potential exposure of critical information."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11300"},{"type":"source","label":"https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4","url":"https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd","url":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd"}],"description":{"lang":"eng","value":"CVE-2024-11300 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-639","description":"CWE-639 Authorization Bypass Through User-Controlled Key","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-837: In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator. The lack of database constraints or application-layer validation to prevent duplicates exposes the application to data integrity issues. This vulnerability can result in corrupted data and potentially malicious actions, impairing the system's functionality."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11301"},{"type":"source","label":"https://huntr.com/bounties/3d99aca5-b135-4833-b48b-7806bc4bf861","url":"https://huntr.com/bounties/3d99aca5-b135-4833-b48b-7806bc4bf861"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd","url":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd"}],"description":{"lang":"eng","value":"CVE-2024-11301 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-837","description":"CWE-837 Improper Enforcement of a Single, Unique Action","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-502: A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12029"},{"type":"source","label":"https://huntr.com/bounties/9b790f94-1b1b-4071-bc27-78445d1a87a3","url":"https://huntr.com/bounties/9b790f94-1b1b-4071-bc27-78445d1a87a3"},{"type":"source","label":"https://github.com/invoke-ai/invokeai/commit/756008dc5899081c5aa51e5bd8f24c1b3975a59e","url":"https://github.com/invoke-ai/invokeai/commit/756008dc5899081c5aa51e5bd8f24c1b3975a59e"}],"description":{"lang":"eng","value":"CVE-2024-12029 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-502","description":"CWE-502 Deserialization of Untrusted Data","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["opacewebdesign"],"deployer":["opacewebdesign"],"artifacts":[{"type":"System","name":"AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K)"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the engine_request_data() function in all versions up to, and including, 2.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin settings."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12606"},{"type":"source","label":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4bc4a765-719e-4e99-b7f3-d255e4c019f5?source=cve","url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4bc4a765-719e-4e99-b7f3-d255e4c019f5?source=cve"},{"type":"source","label":"https://plugins.trac.wordpress.org/browser/ai-scribe-the-chatgpt-powered-seo-content-creation-wizard/trunk/article_builder.php#L730","url":"https://plugins.trac.wordpress.org/browser/ai-scribe-the-chatgpt-powered-seo-content-creation-wizard/trunk/article_builder.php#L730"}],"description":{"lang":"eng","value":"CVE-2024-12606 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"reported_date":"2025-01-10"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-835: A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12704"},{"type":"source","label":"https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a","url":"https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a"},{"type":"source","label":"https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05","url":"https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05"}],"description":{"lang":"eng","value":"CVE-2024-12704 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-835","description":"CWE-835 Loop with Unreachable Exit Condition","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["infiniflow"],"deployer":["infiniflow"],"artifacts":[{"type":"System","name":"infiniflow/ragflow"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-918: A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the `POST /v1/llm/add_llm` and `POST /v1/conversation/tts` endpoints. Attackers can specify an arbitrary URL as the `api_base` when adding an `OPENAITTS` model, and subsequently access the `tts` REST API endpoint to read contents from the specified URL. This can lead to unauthorized access to internal web resources."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12779"},{"type":"source","label":"https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0","url":"https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0"}],"description":{"lang":"eng","value":"CVE-2024-12779 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-918","description":"CWE-918 Server-Side Request Forgery (SSRF)","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-89: A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for SQL injection in the `run_sql_query` function of the `database_agent`. This vulnerability can be exploited by an attacker to inject arbitrary SQL queries, leading to remote code execution (RCE) through the use of PostgreSQL's large object functionality. The issue is fixed in version 0.3.0."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12909"},{"type":"source","label":"https://huntr.com/bounties/44e8177f-200a-4ba3-a12c-8bc21e313a3f","url":"https://huntr.com/bounties/44e8177f-200a-4ba3-a12c-8bc21e313a3f"},{"type":"source","label":"https://github.com/run-llama/llama_index/commit/5d03c175476452db9b8abcdb7d5767dd7b310a75","url":"https://github.com/run-llama/llama_index/commit/5d03c175476452db9b8abcdb7d5767dd7b310a75"}],"description":{"lang":"eng","value":"CVE-2024-12909 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-89: A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12911"},{"type":"source","label":"https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3","url":"https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"},{"type":"source","label":"https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e","url":"https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e"}],"description":{"lang":"eng","value":"CVE-2024-12911 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["IBM"],"deployer":["IBM"],"artifacts":[{"type":"System","name":"watsonx.ai"},{"type":"System","name":"watsonx.ai on Cloud Pak for Data"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-79: IBM watsonx.ai 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-49785"},{"type":"source","label":"https://www.ibm.com/support/pages/node/7180723","url":"https://www.ibm.com/support/pages/node/7180723"}],"description":{"lang":"eng","value":"CVE-2024-49785 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-79","description":"CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')","lang":"en"}]},"reported_date":"2025-01-12"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mlflow"],"deployer":["mlflow"],"artifacts":[{"type":"System","name":"mlflow/mlflow"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-400: In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in its name due to the lack of a limit on the experiment name. This can cause the MLflow UI panel to become unresponsive, leading to a potential denial of service. Additionally, there is no character limit in the `artifact_location` parameter while creating the experiment."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-6838"},{"type":"source","label":"https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0","url":"https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0"}],"description":{"lang":"eng","value":"CVE-2024-6838 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"cwe":[{"cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-306: In version 1.5.5 of mintplex-labs/anything-llm, the `/setup-complete` API endpoint allows unauthorized users to access sensitive system settings. The data returned by the `currentSettings` function includes sensitive information such as API keys for search engines, which can be exploited by attackers to steal these keys and cause loss of user assets."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-6842"},{"type":"source","label":"https://huntr.com/bounties/cd911fc7-ac6b-4974-acd0-9cc926fa8d9e","url":"https://huntr.com/bounties/cd911fc7-ac6b-4974-acd0-9cc926fa8d9e"},{"type":"source","label":"https://github.com/mintplex-labs/anything-llm/commit/8b1ceb30c159cf3a10efa16275bc6849d84e4ea8","url":"https://github.com/mintplex-labs/anything-llm/commit/8b1ceb30c159cf3a10efa16275bc6849d84e4ea8"}],"description":{"lang":"eng","value":"CVE-2024-6842 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-306","description":"CWE-306 Missing Authentication for Critical Function","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST /api/v1/data-warehouse/bigquery endpoint. This vulnerability allows any user to export the entire database data by creating a stream to Google BigQuery without proper authentication or authorization. The issue is fixed in version 1.4.26."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-8999"},{"type":"source","label":"https://huntr.com/bounties/d42b7a44-0dcb-4ef0-b15c-d0e558da65c6","url":"https://huntr.com/bounties/d42b7a44-0dcb-4ef0-b15c-d0e558da65c6"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/aa0fd22952d1d84a717ae563eb1ab564d94a9e2b","url":"https://github.com/lunary-ai/lunary/commit/aa0fd22952d1d84a717ae563eb1ab564d94a9e2b"}],"description":{"lang":"eng","value":"CVE-2024-8999 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary before version 1.4.26, the checklists.post() endpoint allows users to create or modify checklists without validating whether the user has proper permissions. This missing access control permits unauthorized users to create checklists, bypassing intended permission checks. Additionally, the endpoint does not validate the uniqueness of the slug field when creating a new checklist, allowing an attacker to spoof existing checklists by reusing the slug of an already-existing checklist. This can lead to significant data integrity issues, as legitimate checklists can be replaced with malicious or altered data."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-9000"},{"type":"source","label":"https://huntr.com/bounties/f5fca549-0a4a-4f64-8ccf-d4e108856da4","url":"https://huntr.com/bounties/f5fca549-0a4a-4f64-8ccf-d4e108856da4"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/a02861ef9bb6ce860a35f7b8f178d58859cd85f0","url":"https://github.com/lunary-ai/lunary/commit/a02861ef9bb6ce860a35f7b8f178d58859cd85f0"}],"description":{"lang":"eng","value":"CVE-2024-9000 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"reported_date":"2025-03-20"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["Google"],"deployer":["Google"],"artifacts":[{"type":"System","name":"Keras"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, to be loaded and executed during model loading."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1550"},{"type":"source","label":"https://github.com/keras-team/keras/pull/20751","url":"https://github.com/keras-team/keras/pull/20751"},{"type":"source","label":"https://towerofhanoi.it/writeups/cve-2025-1550/","url":"https://towerofhanoi.it/writeups/cve-2025-1550/"}],"description":{"lang":"eng","value":"CVE-2025-1550 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-94","description":"CWE-94: Improper Control of Generation of Code ('Code Injection')","lang":"en"}]},"reported_date":"2025-03-11"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-184: picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a malicious PyPI package (hosted, for example, on pypi.org or GitHub) via `pip.main()`. Because pip is not a restricted global, the model, when scanned with picklescan, would pass security checks and appear to be safe, when it could instead prove to be problematic."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1716"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1716","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1716"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/commit/78ce704227c51f070c0c5fb4b466d92c62a7aa3d","url":"https://github.com/mmaitre314/picklescan/commit/78ce704227c51f070c0c5fb4b466d92c62a7aa3d"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v"}],"description":{"lang":"eng","value":"CVE-2025-1716 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-184","description":"CWE-184 Incomplete List of Disallowed Inputs","lang":"en"}]},"reported_date":"2025-02-26"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-646: picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pickle file with a non-standard file extension. Because the malicious pickle file inclusion is not considered as part of the scope of picklescan, the file would pass security checks and appear to be safe, when it could instead prove to be problematic."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1889"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1889","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1889"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v"}],"description":{"lang":"eng","value":"CVE-2025-1889 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-646","description":"CWE-646 Reliance on File Name or Extension of Externally-Supplied File","lang":"en"}]},"reported_date":"2025-03-03"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-345: picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise a BadZipFile error. However, PyTorch's more forgiving ZIP implementation still allows the model to be loaded, enabling malicious payloads to bypass detection."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1944"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1944","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1944"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7q5r-7gvp-wc82","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7q5r-7gvp-wc82"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781","url":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781"}],"description":{"lang":"eng","value":"CVE-2025-1944 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-345","description":"CWE-345 Insufficient Verification of Data Authenticity","lang":"en"}]},"reported_date":"2025-03-10"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-345: picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully loaded by PyTorch's torch.load(). This can lead to arbitrary code execution when loading a compromised model."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1945"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1945","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1945"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-w8jq-xcqf-f792","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-w8jq-xcqf-f792"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781","url":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781"}],"description":{"lang":"eng","value":"CVE-2025-1945 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-345","description":"CWE-345 Insufficient Verification of Data Authenticity","lang":"en"}]},"reported_date":"2025-03-10"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"Mage AI"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-1188: A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. After 7 months of repeated follow-ups by the researcher, Mage AI has decided to not accept this issue as a valid security vulnerability and has confirmed that they will not be addressing it."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2129"},{"type":"source","label":"https://vuldb.com/?id.299049","url":"https://vuldb.com/?id.299049"},{"type":"source","label":"https://vuldb.com/?ctiid.299049","url":"https://vuldb.com/?ctiid.299049"},{"type":"source","label":"https://vuldb.com/?submit.510690","url":"https://vuldb.com/?submit.510690"},{"type":"source","label":"https://github.com/zn9988/publications/blob/main/2.Mage-AI%20-%20Insecure%20Default%20Authentication%20Setup%20Leading%20to%20Zero-Click%20RCE/README.md","url":"https://github.com/zn9988/publications/blob/main/2.Mage-AI%20-%20Insecure%20Default%20Authentication%20Setup%20Leading%20to%20Zero-Click%20RCE/README.md"}],"description":{"lang":"eng","value":"CVE-2025-2129 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.6,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-1188","description":"Insecure Default Initialization of Resource","lang":"en"}]},"reported_date":"2025-03-09"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["Microsoft"],"deployer":["Microsoft"],"artifacts":[{"type":"System","name":"Microsoft Account"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges over a network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-21396"},{"type":"source","label":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21396","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21396"}],"description":{"lang":"eng","value":"CVE-2025-21396 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C","baseScore":8.2,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-862","description":"CWE-862: Missing Authorization","lang":"en-US"}]},"reported_date":"2025-01-29"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["Microsoft"],"deployer":["Microsoft"],"artifacts":[{"type":"System","name":"Azure AI Face Service"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-290: Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-21415"},{"type":"source","label":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21415","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21415"}],"description":{"lang":"eng","value":"CVE-2025-21415 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C","baseScore":9.9,"baseSeverity":"CRITICAL"},"cwe":[{"cweId":"CWE-290","description":"CWE-290: Authentication Bypass by Spoofing","lang":"en-US"}]},"reported_date":"2025-01-29"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["NVIDIA"],"deployer":["NVIDIA"],"artifacts":[{"type":"System","name":"Container Toolkit"},{"type":"System","name":"GPU Operator"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-367: NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-23359"},{"type":"source","label":"https://nvidia.custhelp.com/app/answers/detail/a_id/5616","url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5616"}],"description":{"lang":"eng","value":"CVE-2025-23359 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-367","description":"CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition","lang":"en"}]},"reported_date":"2025-02-12"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["NI"],"deployer":["NI"],"artifacts":[{"type":"System","name":"Vision Builder AI"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-356: NI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Vision Builder AI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of VBAI files. The issue results from allowing the execution of dangerous script without user warning. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22833."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2450"},{"type":"source","label":"https://www.zerodayinitiative.com/advisories/ZDI-25-147/","url":"https://www.zerodayinitiative.com/advisories/ZDI-25-147/"}],"description":{"lang":"eng","value":"CVE-2025-2450 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-356","description":"CWE-356: Product UI does not Warn User of Unsafe Actions","lang":"en"}]},"reported_date":"2025-03-18"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["Microsoft"],"deployer":["Microsoft"],"artifacts":[{"type":"System","name":"Azure promptflow-core"},{"type":"System","name":"Azure promptflow-tools"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-653: Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-24986"},{"type":"source","label":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24986","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24986"}],"description":{"lang":"eng","value":"CVE-2025-24986 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C","baseScore":6.5,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-653","description":"CWE-653: Improper Isolation or Compartmentalization","lang":"en-US"}]},"reported_date":"2025-03-11"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["bentoml"],"deployer":["bentoml"],"artifacts":[{"type":"System","name":"BentoML"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-502: BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution (RCE) vulnerability caused by insecure deserialization has been identified in the latest version (v1.4.2) of BentoML. It allows any unauthenticated user to execute arbitrary code on the server. It exists an unsafe code segment in serde.py. This vulnerability is fixed in 1.4.3."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-27520"},{"type":"source","label":"https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc","url":"https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc"},{"type":"source","label":"https://github.com/bentoml/BentoML/commit/b35f4f4fcc53a8c3fe8ed9c18a013fe0a728e194","url":"https://github.com/bentoml/BentoML/commit/b35f4f4fcc53a8c3fe8ed9c18a013fe0a728e194"}],"description":{"lang":"eng","value":"CVE-2025-27520 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-502","description":"CWE-502: Deserialization of Untrusted Data","lang":"en"}]},"reported_date":"2025-04-04"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["GitLab"],"deployer":["GitLab"],"artifacts":[{"type":"System","name":"GitLab"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized users."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2867"},{"type":"source","label":"https://gitlab.com/gitlab-org/gitlab/-/issues/512509","url":"https://gitlab.com/gitlab-org/gitlab/-/issues/512509"}],"description":{"lang":"eng","value":"CVE-2025-2867 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-94","description":"CWE-94: Improper Control of Generation of Code ('Code Injection')","lang":"en"}]},"reported_date":"2025-03-27"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.pad_packed_sequence. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2998"},{"type":"source","label":"https://vuldb.com/?id.302047","url":"https://vuldb.com/?id.302047"},{"type":"source","label":"https://vuldb.com/?ctiid.302047","url":"https://vuldb.com/?ctiid.302047"},{"type":"source","label":"https://vuldb.com/?submit.524151","url":"https://vuldb.com/?submit.524151"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622","url":"https://github.com/pytorch/pytorch/issues/149622"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265","url":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265"}],"description":{"lang":"eng","value":"CVE-2025-2998 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"reported_date":"2025-03-31"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpack_sequence. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2999"},{"type":"source","label":"https://vuldb.com/?id.302048","url":"https://vuldb.com/?id.302048"},{"type":"source","label":"https://vuldb.com/?ctiid.302048","url":"https://vuldb.com/?ctiid.302048"},{"type":"source","label":"https://vuldb.com/?submit.524198","url":"https://vuldb.com/?submit.524198"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622","url":"https://github.com/pytorch/pytorch/issues/149622"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265","url":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265"}],"description":{"lang":"eng","value":"CVE-2025-2999 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"reported_date":"2025-03-31"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3000"},{"type":"source","label":"https://vuldb.com/?id.302049","url":"https://vuldb.com/?id.302049"},{"type":"source","label":"https://vuldb.com/?ctiid.302049","url":"https://vuldb.com/?ctiid.302049"},{"type":"source","label":"https://vuldb.com/?submit.524197","url":"https://vuldb.com/?submit.524197"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149623","url":"https://github.com/pytorch/pytorch/issues/149623"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149623#issue-2935703015","url":"https://github.com/pytorch/pytorch/issues/149623#issue-2935703015"}],"description":{"lang":"eng","value":"CVE-2025-3000 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"reported_date":"2025-03-31"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3001"},{"type":"source","label":"https://vuldb.com/?id.302050","url":"https://vuldb.com/?id.302050"},{"type":"source","label":"https://vuldb.com/?ctiid.302050","url":"https://vuldb.com/?ctiid.302050"},{"type":"source","label":"https://vuldb.com/?submit.524212","url":"https://vuldb.com/?submit.524212"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149626","url":"https://github.com/pytorch/pytorch/issues/149626"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149626#issue-2935860995","url":"https://github.com/pytorch/pytorch/issues/149626#issue-2935860995"}],"description":{"lang":"eng","value":"CVE-2025-3001 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"reported_date":"2025-03-31"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["Mozilla"],"deployer":["Mozilla"],"artifacts":[{"type":"System","name":"Firefox"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability affects Firefox < 137."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3035"},{"type":"source","label":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952268","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952268"},{"type":"source","label":"https://www.mozilla.org/security/advisories/mfsa2025-20/","url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"}],"description":{"lang":"eng","value":"CVE-2025-3035 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}},"reported_date":"2025-04-01"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3121"},{"type":"source","label":"https://vuldb.com/?id.303012","url":"https://vuldb.com/?id.303012"},{"type":"source","label":"https://vuldb.com/?ctiid.303012","url":"https://vuldb.com/?ctiid.303012"},{"type":"source","label":"https://vuldb.com/?submit.525049","url":"https://vuldb.com/?submit.525049"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149800","url":"https://github.com/pytorch/pytorch/issues/149800"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149800#issue-2940240700","url":"https://github.com/pytorch/pytorch/issues/149800#issue-2940240700"}],"description":{"lang":"eng","value":"CVE-2025-3121 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"reported_date":"2025-04-02"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3136"},{"type":"source","label":"https://vuldb.com/?id.303041","url":"https://vuldb.com/?id.303041"},{"type":"source","label":"https://vuldb.com/?ctiid.303041","url":"https://vuldb.com/?ctiid.303041"},{"type":"source","label":"https://vuldb.com/?submit.525252","url":"https://vuldb.com/?submit.525252"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149821","url":"https://github.com/pytorch/pytorch/issues/149821"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149821#issuecomment-2765311086","url":"https://github.com/pytorch/pytorch/issues/149821#issuecomment-2765311086"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149821#issue-2940838975","url":"https://github.com/pytorch/pytorch/issues/149821#issue-2940838975"}],"description":{"lang":"eng","value":"CVE-2025-3136 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"reported_date":"2025-04-03"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["ageerle"],"deployer":["ageerle"],"artifacts":[{"type":"System","name":"ruoyi-ai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-285, CWE-266: A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and classified as critical. Affected by this issue is some unknown functionality of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysModelController.java of the component API Interface. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.2 is able to address this issue. The name of the patch is c0daf641fb25b244591b7a6c3affa35c69d321fe. It is recommended to upgrade the affected component."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3199"},{"type":"source","label":"https://vuldb.com/?id.303152","url":"https://vuldb.com/?id.303152"},{"type":"source","label":"https://vuldb.com/?ctiid.303152","url":"https://vuldb.com/?ctiid.303152"},{"type":"source","label":"https://vuldb.com/?submit.545830","url":"https://vuldb.com/?submit.545830"},{"type":"source","label":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_01.md","url":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_01.md"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/issues/43#issuecomment-2763091490","url":"https://github.com/ageerle/ruoyi-ai/issues/43#issuecomment-2763091490"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/issues/43","url":"https://github.com/ageerle/ruoyi-ai/issues/43"},{"type":"source","label":"https://github.com/gwozai/ruoyi-ai/commit/c0daf641fb25b244591b7a6c3affa35c69d321fe","url":"https://github.com/gwozai/ruoyi-ai/commit/c0daf641fb25b244591b7a6c3affa35c69d321fe"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.2","url":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.2"}],"description":{"lang":"eng","value":"CVE-2025-3199 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-285","description":"Improper Authorization","lang":"en"},{"cweId":"CWE-266","description":"Incorrect Privilege Assignment","lang":"en"}]},"reported_date":"2025-04-04"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["getcursor"],"deployer":["getcursor"],"artifacts":[{"type":"System","name":"cursor"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-22: Cursor is a code editor built for programming with AI. In versions 0.45.0 through 0.48.6, the Cursor app introduced a regression affecting the set of file paths the Cursor Agent is permitted to modify automatically. Under specific conditions, the agent could be prompted, either directly by the user or via maliciously crafted context, to automatically write to files outside of the opened workspace. This behavior required deliberate prompting, making successful exploitation highly impractical in real-world scenarios. Furthermore, the edited file was still displayed in the UI as usual for user review, making it unlikely for the edit to go unnoticed by the user. This vulnerability is fixed in 0.48.7."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-32018"},{"type":"source","label":"https://github.com/getcursor/cursor/security/advisories/GHSA-qjh8-mh96-fc86","url":"https://github.com/getcursor/cursor/security/advisories/GHSA-qjh8-mh96-fc86"}],"description":{"lang":"eng","value":"CVE-2025-32018 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-22","description":"CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","lang":"en"}]},"reported_date":"2025-04-08"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["ageerle"],"deployer":["ageerle"],"artifacts":[{"type":"System","name":"ruoyi-ai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-285, CWE-266: A vulnerability classified as critical has been found in ageerle ruoyi-ai up to 2.0.0. Affected is an unknown function of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysNoticeController.java. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is 6382e177bf90cc56ff70521842409e35c50df32d. It is recommended to upgrade the affected component."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3202"},{"type":"source","label":"https://vuldb.com/?id.303156","url":"https://vuldb.com/?id.303156"},{"type":"source","label":"https://vuldb.com/?ctiid.303156","url":"https://vuldb.com/?ctiid.303156"},{"type":"source","label":"https://vuldb.com/?submit.545866","url":"https://vuldb.com/?submit.545866"},{"type":"source","label":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_02.md","url":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_02.md"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/issues/44#issue-2957771318","url":"https://github.com/ageerle/ruoyi-ai/issues/44#issue-2957771318"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/commit/6382e177bf90cc56ff70521842409e35c50df32d","url":"https://github.com/ageerle/ruoyi-ai/commit/6382e177bf90cc56ff70521842409e35c50df32d"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.1","url":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.1"}],"description":{"lang":"eng","value":"CVE-2025-3202 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-285","description":"Improper Authorization","lang":"en"},{"cweId":"CWE-266","description":"Incorrect Privilege Assignment","lang":"en"}]},"reported_date":"2025-04-04"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["bentoml"],"deployer":["bentoml"],"artifacts":[{"type":"System","name":"BentoML"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-502: BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.8, there was an insecure deserialization in BentoML's runner server. By setting specific headers and parameters in the POST request, it is possible to execute any unauthorized arbitrary code on the server, which will grant the attackers to have the initial access and information disclosure on the server. This vulnerability is fixed in 1.4.8."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-32375"},{"type":"source","label":"https://github.com/bentoml/BentoML/security/advisories/GHSA-7v4r-c989-xh26","url":"https://github.com/bentoml/BentoML/security/advisories/GHSA-7v4r-c989-xh26"}],"description":{"lang":"eng","value":"CVE-2025-32375 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-502","description":"CWE-502: Deserialization of Untrusted Data","lang":"en"}]},"reported_date":"2025-04-09"} +{"data_type":"AVID","data_version":"0.2","affects":{"developer":["langflow-ai"],"deployer":["langflow-ai"],"artifacts":[{"type":"System","name":"langflow"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-306: Langflow versions prior to 1.3.0 are susceptible to code injection in \nthe /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary\ncode."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3248"},{"type":"source","label":"https://github.com/langflow-ai/langflow/pull/6911","url":"https://github.com/langflow-ai/langflow/pull/6911"},{"type":"source","label":"https://github.com/langflow-ai/langflow/releases/tag/1.3.0","url":"https://github.com/langflow-ai/langflow/releases/tag/1.3.0"},{"type":"source","label":"https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/","url":"https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/"},{"type":"source","label":"https://www.vulncheck.com/advisories/langflow-unauthenticated-rce","url":"https://www.vulncheck.com/advisories/langflow-unauthenticated-rce"}],"description":{"lang":"eng","value":"CVE-2025-3248 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-306","description":"CWE-306 Missing Authentication for Critical Function","lang":"en"}]},"reported_date":"2025-04-07"} diff --git a/scripts/mileva.py b/scripts/mileva.py index 1a26eb4..6076377 100644 --- a/scripts/mileva.py +++ b/scripts/mileva.py @@ -15,6 +15,7 @@ - nvdlib: For fetching CVE data from NVD (already in dependencies) """ +import asyncio import re import sys import time @@ -22,6 +23,7 @@ from pathlib import Path from typing import List, Optional, Set +import aiohttp import requests from bs4 import BeautifulSoup @@ -32,6 +34,8 @@ Affects, Artifact, AvidTaxonomy, + CVSSScores, + CWETaxonomy, Impact, LangValue, Problemtype, @@ -42,11 +46,56 @@ ClassEnum, LifecycleEnum, SepEnum, + TypeEnum, ) from avidtools.datamodels.vulnerability import ( # noqa: E402 Vulnerability, VulnMetadata, ) +from avidtools.datamodels.report import ( # noqa: E402 + Report, +) + + +def scrape_fortnightly_digest_urls(research_url: str) -> List[str]: + """ + Scrape all fortnightly digest URLs from Milev.ai research page. + + Args: + research_url: URL of the Milev.ai research page + + Returns: + List of fortnightly digest URLs + """ + print(f"Scraping fortnightly digest links from: {research_url}") + + try: + response = requests.get(research_url, timeout=30) + response.raise_for_status() + except requests.RequestException as e: + print(f"Error fetching research page: {e}") + return [] + + soup = BeautifulSoup(response.content, 'html.parser') + + # Find all links containing 'fortnightly-digest' in the href + digest_urls = [] + for link in soup.find_all('a', href=True): + href = link['href'] + if 'fortnightly-digest' in href.lower(): + # Handle relative URLs + if href.startswith('/'): + full_url = f"https://milev.ai{href}" + elif not href.startswith('http'): + full_url = f"https://milev.ai/{href}" + else: + full_url = href + + if full_url not in digest_urls: + digest_urls.append(full_url) + + print(f"Found {len(digest_urls)} fortnightly digest pages") + return digest_urls def scrape_cve_ids_from_mileva(url: str) -> Set[str]: @@ -92,28 +141,32 @@ def scrape_cve_ids_from_mileva(url: str) -> Set[str]: return cve_ids -def scrape_nvd_cve_details(cve_id: str) -> Optional[dict]: +async def scrape_nvd_cve_details( + session: aiohttp.ClientSession, cve_id: str +) -> Optional[dict]: """ - Fetch CVE details from the MITRE CVE API. + Fetch CVE details from the MITRE CVE API asynchronously. Args: + session: aiohttp ClientSession for making requests cve_id: CVE identifier (e.g., 'CVE-2024-12911') Returns: Dictionary containing CVE details, or None if fetching fails """ url = f"https://cveawg.mitre.org/api/cve/{cve_id}" - print(f"Fetching CVE details from: {url}") try: headers = { 'Accept': 'application/json', 'User-Agent': 'avidtools-cve-scraper/0.2' } - response = requests.get(url, timeout=30, headers=headers) - response.raise_for_status() - cve_data = response.json() - except requests.RequestException as e: + async with session.get( + url, timeout=aiohttp.ClientTimeout(total=30), headers=headers + ) as response: + response.raise_for_status() + cve_data = await response.json() + except (aiohttp.ClientError, asyncio.TimeoutError) as e: print(f"Error fetching CVE data for {cve_id}: {e}") return None except ValueError as e: @@ -128,8 +181,10 @@ def scrape_nvd_cve_details(cve_id: str) -> Optional[dict]: 'last_modified_date': None, 'cvss_score': None, 'severity': None, + 'cvss_data': None, 'references': [], 'cwe_ids': [], + 'cwe_data': [], 'affected_products': [] } @@ -163,24 +218,31 @@ def scrape_nvd_cve_details(cve_id: str) -> Optional[dict]: cvss = metric['cvssV3_1'] details['cvss_score'] = cvss.get('baseScore') details['severity'] = cvss.get('baseSeverity') + details['cvss_data'] = cvss break elif 'cvssV3_0' in metric: cvss = metric['cvssV3_0'] details['cvss_score'] = cvss.get('baseScore') details['severity'] = cvss.get('baseSeverity') + details['cvss_data'] = cvss break - # Get CWE IDs + # Get CWE data with descriptions problem_types = cna.get('problemTypes', []) for pt in problem_types: for desc in pt.get('descriptions', []): cwe_id = desc.get('cweId') if cwe_id: details['cwe_ids'].append(cwe_id) + details['cwe_data'].append({ + 'cweId': cwe_id, + 'description': desc.get('description', ''), + 'lang': desc.get('lang', 'en') + }) # Get references references = cna.get('references', []) - for ref in references[:10]: # Limit to 10 references + for ref in references: ref_url = ref.get('url') if ref_url: details['references'].append(ref_url) @@ -202,74 +264,64 @@ def scrape_nvd_cve_details(cve_id: str) -> Optional[dict]: return details -def create_vulnerability_from_cve(cve_details: dict) -> Vulnerability: - """ - Create a Vulnerability object from CVE details. - - Args: - cve_details: Dictionary containing CVE information from NVD - - Returns: - Vulnerability object populated with CVE data - """ - cve_id = cve_details['cve_id'] - - # Create metadata - metadata = VulnMetadata(vuln_id=cve_id) - - # Create description - description = None +def create_description(cve_id: str, cve_details: dict) -> Optional[LangValue]: + """Create description LangValue object.""" if cve_details['description']: - description = LangValue( - lang="eng", - value=cve_details['description'] - ) - - # Create references + return LangValue(lang="eng", value=cve_id + " Detail") + return None + + +def create_references(cve_details: dict) -> List[Reference]: + """Create references list from CVE details.""" references = [ Reference( type="source", - label="NVD", + label="NVD entry", url=cve_details['url'] ) ] - # Add additional references - for ref_url in cve_details['references'][:5]: # Limit to 5 references + for ref_url in cve_details['references']: references.append( Reference( - label="Reference", + type="source", + label=ref_url, url=ref_url ) ) - # Create problemtype + return references + + +def create_problemtype(cve_id: str, cve_details: dict) -> Problemtype: + """Create problemtype from CVE details.""" problemtype_desc = cve_details['description'] or f"Vulnerability {cve_id}" if cve_details['cwe_ids']: cwe_list = ', '.join(cve_details['cwe_ids']) problemtype_desc = f"{cwe_list}: {problemtype_desc}" - problemtype = Problemtype( + return Problemtype( classof=ClassEnum.cve, + type=TypeEnum.advisory, description=LangValue( lang="eng", - value=problemtype_desc[:500] # Limit length + value=problemtype_desc ) ) - - # Create affects - use affected products if available + + +def create_affects(cve_details: dict) -> Affects: + """Create affects from CVE details.""" developers = [] deployers = [] artifacts = [] if cve_details['affected_products']: - # Extract unique vendors for developer and deployer vendors = set() for item in cve_details['affected_products']: vendor = item.get('vendor', 'Unknown') vendors.add(vendor) - # Create artifact for each product product = item.get('product', 'Unknown') artifacts.append( Artifact( @@ -281,7 +333,6 @@ def create_vulnerability_from_cve(cve_details: dict) -> Vulnerability: developers = list(vendors) deployers = list(vendors) else: - # Default values if none specified developers = ["Unknown"] deployers = ["Unknown"] artifacts.append( @@ -291,50 +342,125 @@ def create_vulnerability_from_cve(cve_details: dict) -> Vulnerability: ) ) - affects = Affects( + return Affects( developer=developers, deployer=deployers, artifacts=artifacts ) - - # Create impact with AVID taxonomy + + +def create_impact( + cve_id: str, cve_details: dict, include_vuln_id: bool = False +) -> Impact: + """Create impact with AVID taxonomy, CVSS, and CWE.""" avid_taxonomy = AvidTaxonomy( - vuln_id=cve_id, + vuln_id=cve_id if include_vuln_id else None, risk_domain=["Security"], - sep_view=[SepEnum.S0100], # Security - Software Vulnerability - lifecycle_view=[LifecycleEnum.L06], # Deployment + sep_view=[SepEnum.S0100], + lifecycle_view=[LifecycleEnum.L06], taxonomy_version="0.2" ) - impact = Impact(avid=avid_taxonomy) + cvss = None + if cve_details.get('cvss_data'): + cvss_data = cve_details['cvss_data'] + cvss = CVSSScores( + version=cvss_data.get('version', '3.0'), + vectorString=cvss_data.get('vectorString', ''), + baseScore=cvss_data.get('baseScore', 0.0), + baseSeverity=cvss_data.get('baseSeverity', 'UNKNOWN'), + attackVector=cvss_data.get('attackVector'), + attackComplexity=cvss_data.get('attackComplexity'), + privilegesRequired=cvss_data.get('privilegesRequired'), + userInteraction=cvss_data.get('userInteraction'), + scope=cvss_data.get('scope'), + confidentialityImpact=cvss_data.get('confidentialityImpact'), + integrityImpact=cvss_data.get('integrityImpact'), + availabilityImpact=cvss_data.get('availabilityImpact') + ) - # Parse dates - published_date = None - last_modified_date = None + cwe = None + if cve_details.get('cwe_data'): + cwe = [] + for cwe_item in cve_details['cwe_data']: + cwe.append( + CWETaxonomy( + cweId=cwe_item['cweId'], + description=cwe_item.get('description'), + lang=cwe_item.get('lang') + ) + ) + return Impact( + avid=avid_taxonomy, + cvss=cvss, + cwe=cwe + ) + + +def parse_date(date_str: Optional[str]) -> Optional[date]: + """Parse ISO 8601 date string to date object.""" + if not date_str: + return None try: - if cve_details['published_date']: - # Parse date string (format: "MM/DD/YYYY") - date_str = cve_details['published_date'] - date_match = re.search(r'(\d{1,2})/(\d{1,2})/(\d{4})', date_str) - if date_match: - month, day, year = date_match.groups() - published_date = date(int(year), int(month), int(day)) - except (ValueError, AttributeError): - pass + date_only = date_str.split('T')[0] + return date.fromisoformat(date_only) + except (ValueError, AttributeError, TypeError): + return None + + +def create_report_from_cve(cve_details: dict) -> Report: + """ + Create a Report object from CVE details. - try: - if cve_details['last_modified_date']: - date_str = cve_details['last_modified_date'] - date_match = re.search(r'(\d{1,2})/(\d{1,2})/(\d{4})', date_str) - if date_match: - month, day, year = date_match.groups() - last_modified_date = date(int(year), int(month), int(day)) - except (ValueError, AttributeError): - pass - - # Create Vulnerability object - vulnerability = Vulnerability( + Args: + cve_details: Dictionary containing CVE information from API + + Returns: + Report object populated with CVE data + """ + cve_id = cve_details['cve_id'] + description = create_description(cve_id, cve_details) + references = create_references(cve_details) + problemtype = create_problemtype(cve_id, cve_details) + affects = create_affects(cve_details) + impact = create_impact(cve_id, cve_details, include_vuln_id=False) + reported_date = parse_date(cve_details.get('published_date')) + + return Report( + data_type="AVID", + data_version="0.2", + affects=affects, + problemtype=problemtype, + references=references, + description=description, + impact=impact, + reported_date=reported_date + ) + + +def create_vulnerability_from_cve(cve_details: dict) -> Vulnerability: + """ + Create a Vulnerability object from CVE details. + + Args: + cve_details: Dictionary containing CVE information from NVD + + Returns: + Vulnerability object populated with CVE data + """ + cve_id = cve_details['cve_id'] + + metadata = VulnMetadata(vuln_id=cve_id) + description = create_description(cve_id, cve_details) + references = create_references(cve_details) + problemtype = create_problemtype(cve_id, cve_details) + affects = create_affects(cve_details) + impact = create_impact(cve_id, cve_details, include_vuln_id=True) + published_date = parse_date(cve_details.get('published_date')) + last_modified_date = parse_date(cve_details.get('last_modified_date')) + + return Vulnerability( data_type="AVID", data_version="0.2", metadata=metadata, @@ -346,8 +472,6 @@ def create_vulnerability_from_cve(cve_details: dict) -> Vulnerability: published_date=published_date, last_modified_date=last_modified_date ) - - return vulnerability def save_vulnerabilities_to_jsonl( @@ -369,21 +493,127 @@ def save_vulnerabilities_to_jsonl( json_str = vuln.model_dump_json(exclude_none=True) f.write(json_str + '\n') - print(f"\nSaved {len(vulnerabilities)} vulnerabilities to {output_path}") + print(f"Saved {len(vulnerabilities)} vulnerabilities to {output_path}") + + +async def process_single_cve( + session: aiohttp.ClientSession, cve_id: str, index: int, total: int +) -> tuple[Optional[Vulnerability], Optional[Report]]: + """ + Process a single CVE: fetch details and create Vulnerability/Report objects. + + Args: + session: aiohttp ClientSession + cve_id: CVE identifier + index: Current index (for progress display) + total: Total number of CVEs + + Returns: + Tuple of (Vulnerability, Report) or (None, None) if failed + """ + print(f"Processing {index}/{total}: {cve_id}") + + cve_details = await scrape_nvd_cve_details(session, cve_id) + + if cve_details: + try: + vulnerability = create_vulnerability_from_cve(cve_details) + report = create_report_from_cve(cve_details) + print(f"✓ Successfully created objects for {cve_id}") + return vulnerability, report + except Exception as e: + print(f"✗ Error creating objects for {cve_id}: {e}") + return None, None + else: + print(f"✗ Failed to fetch details for {cve_id}") + return None, None + + +async def process_cves_async( + cve_list: List[str], max_concurrent: int = 10 +) -> tuple[List[Vulnerability], List[Report]]: + """ + Process multiple CVEs concurrently using async/await. + + Args: + cve_list: List of CVE IDs to process + max_concurrent: Maximum number of concurrent requests + + Returns: + Tuple of (vulnerabilities list, reports list) + """ + vulnerabilities = [] + reports = [] + + connector = aiohttp.TCPConnector(limit=max_concurrent) + async with aiohttp.ClientSession(connector=connector) as session: + # Create tasks for all CVEs + tasks = [ + process_single_cve(session, cve_id, i + 1, len(cve_list)) + for i, cve_id in enumerate(cve_list) + ] + + # Process with progress updates + results = await asyncio.gather(*tasks, return_exceptions=True) + + # Collect successful results + for result in results: + if isinstance(result, tuple) and result[0] is not None: + vuln, report = result + vulnerabilities.append(vuln) + reports.append(report) + + return vulnerabilities, reports + + +def save_reports_to_jsonl(reports: List[Report], output_path: str): + """ + Save a list of Report objects to a JSONL file. + + Args: + reports: List of Report objects + output_path: Path to the output JSONL file + """ + output_file = Path(output_path) + output_file.parent.mkdir(parents=True, exist_ok=True) + + with open(output_file, 'w', encoding='utf-8') as f: + for report in reports: + # Convert to JSON string using Pydantic's model_dump_json + json_str = report.model_dump_json(exclude_none=True) + f.write(json_str + '\n') + + print(f"Saved {len(reports)} reports to {output_path}") def main(): """Main execution function.""" - print("=" * 80) + print("="*80) print("CVE Scraper - Milev.ai to AVID Vulnerability Converter") - print("=" * 80) + print("="*80) print() - # Step 1: Scrape CVE IDs from Milev.ai - mileva_url = "https://milev.ai/research/fortnightly-digest-31-march-2025/" - cve_ids = scrape_cve_ids_from_mileva(mileva_url) + # Step 1: Scrape all fortnightly digest URLs + research_url = "https://milev.ai/research/" + digest_urls = scrape_fortnightly_digest_urls(research_url) + + if not digest_urls: + print("No fortnightly digest pages found. Exiting.") + return + + print() - if not cve_ids: + # Step 2: Scrape CVE IDs from all digest pages + all_cve_ids = set() + for digest_url in digest_urls: + cve_ids = scrape_cve_ids_from_mileva(digest_url) + all_cve_ids.update(cve_ids) + time.sleep(1) # Be respectful between page scrapes + + print() + print(f"Total unique CVE IDs found across all digests: {len(all_cve_ids)}") + + if not all_cve_ids: print("No CVE IDs found. Exiting.") return @@ -391,60 +621,35 @@ def main(): print("-" * 80) print() - # Step 2 & 3: Scrape NVD details and create Vulnerability objects - vulnerabilities = [] + # Step 3 & 4: Scrape CVE details and create objects (async) + cve_list = sorted(all_cve_ids) - cve_list = sorted(cve_ids) + print(f"Processing {len(cve_list)} CVEs with concurrent requests...") + print() - for i, cve_id in enumerate(cve_list, 1): - print(f"Processing {i}/{len(cve_list)}: {cve_id}") - - # Scrape CVE details from NVD - cve_details = scrape_nvd_cve_details(cve_id) - - if cve_details: - # Create Vulnerability object - try: - vulnerability = create_vulnerability_from_cve(cve_details) - vulnerabilities.append(vulnerability) - print( - f"✓ Successfully created Vulnerability object for " - f"{cve_id}" - ) - except Exception as e: - import traceback - print( - f"✗ Error creating Vulnerability object for " - f"{cve_id}: {e}" - ) - print("Full traceback:") - traceback.print_exc() - else: - print(f"✗ Failed to scrape details for {cve_id}") - - print() - - # Be respectful to the API server - add a delay between requests - if i < len(cve_list): - time.sleep(2) # 2 second delay between requests + vulnerabilities, reports = asyncio.run(process_cves_async(cve_list, max_concurrent=10)) print("-" * 80) print() - # Step 4: Save to JSONL - if vulnerabilities: - output_path = "mileva_cves.jsonl" - save_vulnerabilities_to_jsonl(vulnerabilities, output_path) + # Step 4: Save to JSONL files + if vulnerabilities and reports: + print("Saving outputs...") + save_vulnerabilities_to_jsonl(vulnerabilities, "mileva_cves.jsonl") + save_reports_to_jsonl(reports, "mileva_reports.jsonl") print() print("=" * 80) print( - f"Complete! Processed {len(vulnerabilities)} out of " - f"{len(cve_ids)} CVEs" + f"Complete! Successfully processed {len(vulnerabilities)} out of " + f"{len(cve_list)} CVEs into Vulnerability and Report objects" ) + print("Output files:") + print(" - mileva_cves.jsonl (Vulnerability objects)") + print(" - mileva_reports.jsonl (Report objects)") print("=" * 80) else: - print("No vulnerabilities were successfully created.") + print("No objects were successfully created.") if __name__ == "__main__": diff --git a/scripts/mileva_cves.jsonl b/scripts/mileva_cves.jsonl deleted file mode 100644 index cb4bf2d..0000000 --- a/scripts/mileva_cves.jsonl +++ /dev/null @@ -1,32 +0,0 @@ -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10109"},"affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-863: A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low privilege users to access the sensitive API endpoint \"/api/system/custom-models\". This access enables them to modify the model's API key and base path, leading to potential API key leakage and denial of service on chats."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10109"},{"label":"Reference","url":"https://huntr.com/bounties/ad3c9e76-679d-4775-b203-96947ff73551"},{"label":"Reference","url":"https://github.com/mintplex-labs/anything-llm/commit/8d302c3f670c582b09d47e96132c248101447a11"}],"description":{"lang":"eng","value":"A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low privilege users to access the sensitive API endpoint \"/api/system/custom-models\". This access enables them to modify the model's API key and base path, leading to potential API key leakage and denial of service on chats."},"impact":{"avid":{"vuln_id":"CVE-2024-10109","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10273"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-863: In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with viewer roles to modify models owned by others. The PATCH endpoint for models does not have appropriate privilege checks, enabling low-privilege users to update models they should not have access to modify. This vulnerability could lead to unauthorized changes in critical resources, affecting the integrity and reliability of the system."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10273"},{"label":"Reference","url":"https://huntr.com/bounties/883d9fe2-5730-41e1-a5c2-59972489876e"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with viewer roles to modify models owned by others. The PATCH endpoint for models does not have appropriate privilege checks, enabling low-privilege users to update models they should not have access to modify. This vulnerability could lead to unauthorized changes in critical resources, affecting the integrity and reliability of the system."},"impact":{"avid":{"vuln_id":"CVE-2024-10273","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10274"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-862: An improper authorization vulnerability exists in lunary-ai/lunary version 1.5.5. The /users/me/org endpoint lacks adequate access control mechanisms, allowing unauthorized users to access sensitive information about all team members in the current organization. This vulnerability can lead to the disclosure of sensitive information such as names, roles, or emails to users without sufficient privileges, resulting in privacy violations and potential reconnaissance for targeted attacks."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10274"},{"label":"Reference","url":"https://huntr.com/bounties/506459c1-da60-45c5-a10d-8bd540a4b4c1"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"An improper authorization vulnerability exists in lunary-ai/lunary version 1.5.5. The /users/me/org endpoint lacks adequate access control mechanisms, allowing unauthorized users to access sensitive information about all team members in the current organization. This vulnerability can lead to the disclosure of sensitive information such as names, roles, or emails to users without sufficient privileges, resulting in privacy violations and potential reconnaissance for targeted attacks."},"impact":{"avid":{"vuln_id":"CVE-2024-10274","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10330"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary version 1.5.6, the `/v1/evaluators/` endpoint lacks proper access control, allowing any user associated with a project to fetch all evaluator data regardless of their role. This vulnerability permits low-privilege users to access potentially sensitive evaluation data."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10330"},{"label":"Reference","url":"https://huntr.com/bounties/598ecd65-1723-4fb7-a9aa-9c4f56a5a2aa"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"In lunary-ai/lunary version 1.5.6, the `/v1/evaluators/` endpoint lacks proper access control, allowing any user associated with a project to fetch all evaluator data regardless of their role. This vulnerability permits low-privilege users to access potentially sensitive evaluation data."},"impact":{"avid":{"vuln_id":"CVE-2024-10330","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10513"},"affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-23: A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs/anything-llm, affecting the latest version prior to 1.2.2. This vulnerability allows users with the 'manager' role to access and manipulate the 'anythingllm.db' database file. By exploiting the vulnerable endpoint '/api/document/move-files', an attacker can move the database file to a publicly accessible directory, download it, and subsequently delete it. This can lead to unauthorized access "}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10513"},{"label":"Reference","url":"https://huntr.com/bounties/ad11cecf-161a-4fb1-986f-6f88272cbb9e"},{"label":"Reference","url":"https://github.com/mintplex-labs/anything-llm/commit/47a5c7126c20e2277ee56e2c7ee11990886a40a7"}],"description":{"lang":"eng","value":"A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs/anything-llm, affecting the latest version prior to 1.2.2. This vulnerability allows users with the 'manager' role to access and manipulate the 'anythingllm.db' database file. By exploiting the vulnerable endpoint '/api/document/move-files', an attacker can move the database file to a publicly accessible directory, download it, and subsequently delete it. This can lead to unauthorized access to sensitive data, privilege escalation, and potential data loss."},"impact":{"avid":{"vuln_id":"CVE-2024-10513","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10762"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks proper access control, such as middleware to ensure that only users with appropriate roles can delete evaluator data. This vulnerability allows low-privilege users to delete evaluators data, causing permanent data loss and potentially hindering operations."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10762"},{"label":"Reference","url":"https://huntr.com/bounties/23ab508e-d956-4861-b28f-0569d3b404a6"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/91587496673da24cb7ddedfbbd6e602592b20ef6"}],"description":{"lang":"eng","value":"In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks proper access control, such as middleware to ensure that only users with appropriate roles can delete evaluator data. This vulnerability allows low-privilege users to delete evaluators data, causing permanent data loss and potentially hindering operations."},"impact":{"avid":{"vuln_id":"CVE-2024-10762","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10821"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-835: A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server (version v5.0.1) allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and a complete denial of service for all users. The affected endpoint is `/api/v1/images/upload`."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10821"},{"label":"Reference","url":"https://huntr.com/bounties/0ac24835-c4c0-4f11-938a-d5641dfb80b2"}],"description":{"lang":"eng","value":"A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server (version v5.0.1) allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and a complete denial of service for all users. The affected endpoint is `/api/v1/images/upload`."},"impact":{"avid":{"vuln_id":"CVE-2024-10821","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10829"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-835: A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and complete denial of service for all users. This vulnerability affects all endpoints processing multipart/form-data requests."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10829"},{"label":"Reference","url":"https://huntr.com/bounties/e3a4a0ad-a2e0-497f-a2e0-e3c0ec7c4de4"}],"description":{"lang":"eng","value":"A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and complete denial of service for all users. This vulnerability affects all endpoints processing multipart/form-data requests."},"impact":{"avid":{"vuln_id":"CVE-2024-10829","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10830"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-22: A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint `/v1/resource/file/delete`. This vulnerability allows an attacker to delete any file on the server by manipulating the `file_key` parameter. The `file_key` parameter is not properly sanitized, enabling an attacker to specify arbitrary file paths. If the specified file exists, the application will delete it."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10830"},{"label":"Reference","url":"https://huntr.com/bounties/26adf08a-9262-4d5a-a2ee-ce12ed919620"}],"description":{"lang":"eng","value":"A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint `/v1/resource/file/delete`. This vulnerability allows an attacker to delete any file on the server by manipulating the `file_key` parameter. The `file_key` parameter is not properly sanitized, enabling an attacker to specify arbitrary file paths. If the specified file exists, the application will delete it."},"impact":{"avid":{"vuln_id":"CVE-2024-10830","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10831"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-36: In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the `file_key` and `doc_file.filename` parameters are user-controllable, enabling the construction of paths outside the intended directory. This can lead to overwriting essential system files, such as SSH keys, for further exploitation."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10831"},{"label":"Reference","url":"https://huntr.com/bounties/5c34c39f-66d4-414c-ab6a-f7888a5d882a"}],"description":{"lang":"eng","value":"In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the `file_key` and `doc_file.filename` parameters are user-controllable, enabling the construction of paths outside the intended directory. This can lead to overwriting essential system files, such as SSH keys, for further exploitation."},"impact":{"avid":{"vuln_id":"CVE-2024-10831","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10833"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-36: eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises because the 'doc_file.filename' parameter is user-controllable, enabling the construction of absolute paths."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10833"},{"label":"Reference","url":"https://huntr.com/bounties/dc58e981-e325-4c11-b4e1-1095890fd15a"}],"description":{"lang":"eng","value":"eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises because the 'doc_file.filename' parameter is user-controllable, enabling the construction of absolute paths."},"impact":{"avid":{"vuln_id":"CVE-2024-10833","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10834"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-73: eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to `os.path.join`, enabling an attacker to write files to arbitrary locations on the target server. This vulnerability can be exploited by setting the `doc_file.filename` to an absolute path, which can lead to overwriting system files or creating new SSH-key entries."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10834"},{"label":"Reference","url":"https://huntr.com/bounties/0d598508-151a-4050-9ccd-31bb82955e7a"}],"description":{"lang":"eng","value":"eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to `os.path.join`, enabling an attacker to write files to arbitrary locations on the target server. This vulnerability can be exploited by setting the `doc_file.filename` to an absolute path, which can lead to overwriting system files or creating new SSH-key entries."},"impact":{"avid":{"vuln_id":"CVE-2024-10834","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10835"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-89: In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE)."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10835"},{"label":"Reference","url":"https://huntr.com/bounties/e32fda74-ca83-431c-8de8-08274ba686c9"}],"description":{"lang":"eng","value":"In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE)."},"impact":{"avid":{"vuln_id":"CVE-2024-10835","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10906"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-352: In version 0.6.0 of eosphoros-ai/db-gpt, the `uvicorn` app created by `dbgpt_server` uses an overly permissive instance of `CORSMiddleware` which sets the `Access-Control-Allow-Origin` to `*` for all requests. This configuration makes all endpoints exposed by the server vulnerable to Cross-Site Request Forgery (CSRF). An attacker can exploit this vulnerability to interact with any endpoints of the instance, even if the instance is not publicly exposed to the network."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10906"},{"label":"Reference","url":"https://huntr.com/bounties/8864aca5-a342-4dab-b866-b2882ba6f160"}],"description":{"lang":"eng","value":"In version 0.6.0 of eosphoros-ai/db-gpt, the `uvicorn` app created by `dbgpt_server` uses an overly permissive instance of `CORSMiddleware` which sets the `Access-Control-Allow-Origin` to `*` for all requests. This configuration makes all endpoints exposed by the server vulnerable to Cross-Site Request Forgery (CSRF). An attacker can exploit this vulnerability to interact with any endpoints of the instance, even if the instance is not publicly exposed to the network."},"impact":{"avid":{"vuln_id":"CVE-2024-10906","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10940"},"affects":{"developer":["langchain-ai"],"deployer":["langchain-ai"],"artifacts":[{"type":"System","name":"langchain-ai/langchain"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-497: A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchain_core.prompts.ImagePromptTemplate's (and by extension langchain_core.prompts.ChatPromptTemplate's) with input variables that can read any user-specified path from the server file system. If the outputs of these prompt templates are exposed to the user, either dir"}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10940"},{"label":"Reference","url":"https://huntr.com/bounties/be1ee1cb-2147-4ff4-a57b-b6045271cf27"},{"label":"Reference","url":"https://github.com/langchain-ai/langchain/commit/c1e742347f9701aadba8920e4d1f79a636e50b68"}],"description":{"lang":"eng","value":"A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchain_core.prompts.ImagePromptTemplate's (and by extension langchain_core.prompts.ChatPromptTemplate's) with input variables that can read any user-specified path from the server file system. If the outputs of these prompt templates are exposed to the user, either directly or through downstream model outputs, it can lead to the exposure of sensitive information."},"impact":{"avid":{"vuln_id":"CVE-2024-10940","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10950"},"affects":{"developer":["binary-husky"],"deployer":["binary-husky"],"artifacts":[{"type":"System","name":"binary-husky/gpt_academic"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-94: In binary-husky/gpt_academic version <= 3.83, the plugin `CodeInterpreter` is vulnerable to code injection caused by prompt injection. The root cause is the execution of user-provided prompts that generate untrusted code without a sandbox, allowing the execution of parts of the LLM-generated code. This vulnerability can be exploited by an attacker to achieve remote code execution (RCE) on the application backend server, potentially gaining full control of the server."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10950"},{"label":"Reference","url":"https://huntr.com/bounties/9abb1617-0c1d-42c7-a647-d9d2b39c6866"}],"description":{"lang":"eng","value":"In binary-husky/gpt_academic version <= 3.83, the plugin `CodeInterpreter` is vulnerable to code injection caused by prompt injection. The root cause is the execution of user-provided prompts that generate untrusted code without a sandbox, allowing the execution of parts of the LLM-generated code. This vulnerability can be exploited by an attacker to achieve remote code execution (RCE) on the application backend server, potentially gaining full control of the server."},"impact":{"avid":{"vuln_id":"CVE-2024-10950","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10954"},"affects":{"developer":["binary-husky"],"deployer":["binary-husky"],"artifacts":[{"type":"System","name":"binary-husky/gpt_academic"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-94: In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability exists due to improper handling of user-provided prompts. The root cause is the execution of untrusted code generated by the LLM without a proper sandbox. This allows an attacker to perform remote code execution (RCE) on the app backend server by injecting malicious code through the prompt."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-10954"},{"label":"Reference","url":"https://huntr.com/bounties/72d034e3-6ca2-495d-98a7-ac9565588c09"}],"description":{"lang":"eng","value":"In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability exists due to improper handling of user-provided prompts. The root cause is the execution of untrusted code generated by the LLM without a proper sandbox. This allows an attacker to perform remote code execution (RCE) on the app backend server by injecting malicious code through the prompt."},"impact":{"avid":{"vuln_id":"CVE-2024-10954","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11042"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-73: In invoke-ai/invokeai version v5.0.2, the web API `POST /api/v1/images/delete` is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite databases, and configuration files. This can impact the integrity and availability of applications relying on these files."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-11042"},{"label":"Reference","url":"https://huntr.com/bounties/635535a7-c804-4789-ac3a-48d951263987"},{"label":"Reference","url":"https://github.com/invoke-ai/invokeai/commit/5440c037674882b2ab7acd59087e9bb04b49657a"}],"description":{"lang":"eng","value":"In invoke-ai/invokeai version v5.0.2, the web API `POST /api/v1/images/delete` is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite databases, and configuration files. This can impact the integrity and availability of applications relying on these files."},"impact":{"avid":{"vuln_id":"CVE-2024-11042","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11043"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-400: A Denial of Service (DoS) vulnerability was discovered in the /api/v1/boards/{board_id} endpoint of invoke-ai/invokeai version v5.0.2. This vulnerability occurs when an excessively large payload is sent in the board_name field during a PATCH request. By sending a large payload, the UI becomes unresponsive, rendering it impossible for users to interact with or manage the affected board. Additionally, the option to delete the board becomes inaccessible, amplifying the severity of the issu"}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-11043"},{"label":"Reference","url":"https://huntr.com/bounties/9270900a-b8b7-402f-aee5-432d891e5648"}],"description":{"lang":"eng","value":"A Denial of Service (DoS) vulnerability was discovered in the /api/v1/boards/{board_id} endpoint of invoke-ai/invokeai version v5.0.2. This vulnerability occurs when an excessively large payload is sent in the board_name field during a PATCH request. By sending a large payload, the UI becomes unresponsive, rendering it impossible for users to interact with or manage the affected board. Additionally, the option to delete the board becomes inaccessible, amplifying the severity of the issue."},"impact":{"avid":{"vuln_id":"CVE-2024-11043","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11300"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-639: In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a user can access prompt data of another user. This issue affects version 1.6.2 and the main branch. The vulnerability allows unauthorized users to view sensitive prompt data by accessing specific URLs, leading to potential exposure of critical information."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-11300"},{"label":"Reference","url":"https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd"}],"description":{"lang":"eng","value":"In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a user can access prompt data of another user. This issue affects version 1.6.2 and the main branch. The vulnerability allows unauthorized users to view sensitive prompt data by accessing specific URLs, leading to potential exposure of critical information."},"impact":{"avid":{"vuln_id":"CVE-2024-11300","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11301"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-837: In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator. The lack of database constraints or application-layer validation to prevent duplicates exposes the application to data integrity issues. This vulnerability can result in corrupted data and poten"}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-11301"},{"label":"Reference","url":"https://huntr.com/bounties/3d99aca5-b135-4833-b48b-7806bc4bf861"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd"}],"description":{"lang":"eng","value":"In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator. The lack of database constraints or application-layer validation to prevent duplicates exposes the application to data integrity issues. This vulnerability can result in corrupted data and potentially malicious actions, impairing the system's functionality."},"impact":{"avid":{"vuln_id":"CVE-2024-11301","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12029"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-502: A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-12029"},{"label":"Reference","url":"https://huntr.com/bounties/9b790f94-1b1b-4071-bc27-78445d1a87a3"},{"label":"Reference","url":"https://github.com/invoke-ai/invokeai/commit/756008dc5899081c5aa51e5bd8f24c1b3975a59e"}],"description":{"lang":"eng","value":"A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3."},"impact":{"avid":{"vuln_id":"CVE-2024-12029","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12704"},"affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-835: A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. T"}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-12704"},{"label":"Reference","url":"https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a"},{"label":"Reference","url":"https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05"}],"description":{"lang":"eng","value":"A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely."},"impact":{"avid":{"vuln_id":"CVE-2024-12704","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12779"},"affects":{"developer":["infiniflow"],"deployer":["infiniflow"],"artifacts":[{"type":"System","name":"infiniflow/ragflow"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-918: A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the `POST /v1/llm/add_llm` and `POST /v1/conversation/tts` endpoints. Attackers can specify an arbitrary URL as the `api_base` when adding an `OPENAITTS` model, and subsequently access the `tts` REST API endpoint to read contents from the specified URL. This can lead to unauthorized access to internal web resources."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-12779"},{"label":"Reference","url":"https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0"}],"description":{"lang":"eng","value":"A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the `POST /v1/llm/add_llm` and `POST /v1/conversation/tts` endpoints. Attackers can specify an arbitrary URL as the `api_base` when adding an `OPENAITTS` model, and subsequently access the `tts` REST API endpoint to read contents from the specified URL. This can lead to unauthorized access to internal web resources."},"impact":{"avid":{"vuln_id":"CVE-2024-12779","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12909"},"affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-89: A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for SQL injection in the `run_sql_query` function of the `database_agent`. This vulnerability can be exploited by an attacker to inject arbitrary SQL queries, leading to remote code execution (RCE) through the use of PostgreSQL's large object functionality. The issue is fixed in version 0.3.0."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-12909"},{"label":"Reference","url":"https://huntr.com/bounties/44e8177f-200a-4ba3-a12c-8bc21e313a3f"},{"label":"Reference","url":"https://github.com/run-llama/llama_index/commit/5d03c175476452db9b8abcdb7d5767dd7b310a75"}],"description":{"lang":"eng","value":"A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for SQL injection in the `run_sql_query` function of the `database_agent`. This vulnerability can be exploited by an attacker to inject arbitrary SQL queries, leading to remote code execution (RCE) through the use of PostgreSQL's large object functionality. The issue is fixed in version 0.3.0."},"impact":{"avid":{"vuln_id":"CVE-2024-12909","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12911"},"affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-89: A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-12911"},{"label":"Reference","url":"https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"},{"label":"Reference","url":"https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e"}],"description":{"lang":"eng","value":"A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."},"impact":{"avid":{"vuln_id":"CVE-2024-12911","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-6838"},"affects":{"developer":["mlflow"],"deployer":["mlflow"],"artifacts":[{"type":"System","name":"mlflow/mlflow"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-400: In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in its name due to the lack of a limit on the experiment name. This can cause the MLflow UI panel to become unresponsive, leading to a potential denial of service. Additionally, there is no character limit in the `artifact_location` parameter while creating the experiment."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-6838"},{"label":"Reference","url":"https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0"}],"description":{"lang":"eng","value":"In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in its name due to the lack of a limit on the experiment name. This can cause the MLflow UI panel to become unresponsive, leading to a potential denial of service. Additionally, there is no character limit in the `artifact_location` parameter while creating the experiment."},"impact":{"avid":{"vuln_id":"CVE-2024-6838","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-6842"},"affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-306: In version 1.5.5 of mintplex-labs/anything-llm, the `/setup-complete` API endpoint allows unauthorized users to access sensitive system settings. The data returned by the `currentSettings` function includes sensitive information such as API keys for search engines, which can be exploited by attackers to steal these keys and cause loss of user assets."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-6842"},{"label":"Reference","url":"https://huntr.com/bounties/cd911fc7-ac6b-4974-acd0-9cc926fa8d9e"},{"label":"Reference","url":"https://github.com/mintplex-labs/anything-llm/commit/8b1ceb30c159cf3a10efa16275bc6849d84e4ea8"}],"description":{"lang":"eng","value":"In version 1.5.5 of mintplex-labs/anything-llm, the `/setup-complete` API endpoint allows unauthorized users to access sensitive system settings. The data returned by the `currentSettings` function includes sensitive information such as API keys for search engines, which can be exploited by attackers to steal these keys and cause loss of user assets."},"impact":{"avid":{"vuln_id":"CVE-2024-6842","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-8999"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-862: lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST /api/v1/data-warehouse/bigquery endpoint. This vulnerability allows any user to export the entire database data by creating a stream to Google BigQuery without proper authentication or authorization. The issue is fixed in version 1.4.26."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-8999"},{"label":"Reference","url":"https://huntr.com/bounties/d42b7a44-0dcb-4ef0-b15c-d0e558da65c6"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/aa0fd22952d1d84a717ae563eb1ab564d94a9e2b"}],"description":{"lang":"eng","value":"lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST /api/v1/data-warehouse/bigquery endpoint. This vulnerability allows any user to export the entire database data by creating a stream to Google BigQuery without proper authentication or authorization. The issue is fixed in version 1.4.26."},"impact":{"avid":{"vuln_id":"CVE-2024-8999","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-9000"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary before version 1.4.26, the checklists.post() endpoint allows users to create or modify checklists without validating whether the user has proper permissions. This missing access control permits unauthorized users to create checklists, bypassing intended permission checks. Additionally, the endpoint does not validate the uniqueness of the slug field when creating a new checklist, allowing an attacker to spoof existing checklists by reusing the slug of an already-exist"}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2024-9000"},{"label":"Reference","url":"https://huntr.com/bounties/f5fca549-0a4a-4f64-8ccf-d4e108856da4"},{"label":"Reference","url":"https://github.com/lunary-ai/lunary/commit/a02861ef9bb6ce860a35f7b8f178d58859cd85f0"}],"description":{"lang":"eng","value":"In lunary-ai/lunary before version 1.4.26, the checklists.post() endpoint allows users to create or modify checklists without validating whether the user has proper permissions. This missing access control permits unauthorized users to create checklists, bypassing intended permission checks. Additionally, the endpoint does not validate the uniqueness of the slug field when creating a new checklist, allowing an attacker to spoof existing checklists by reusing the slug of an already-existing checklist. This can lead to significant data integrity issues, as legitimate checklists can be replaced with malicious or altered data."},"impact":{"avid":{"vuln_id":"CVE-2024-9000","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2450"},"affects":{"developer":["NI"],"deployer":["NI"],"artifacts":[{"type":"System","name":"Vision Builder AI"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-356: NI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Vision Builder AI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of VBAI files. The issue results from allowing the execution of dangerous script without user wa"}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2025-2450"},{"label":"Reference","url":"https://www.zerodayinitiative.com/advisories/ZDI-25-147/"}],"description":{"lang":"eng","value":"NI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Vision Builder AI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of VBAI files. The issue results from allowing the execution of dangerous script without user warning. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22833."},"impact":{"avid":{"vuln_id":"CVE-2025-2450","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2867"},"affects":{"developer":["GitLab"],"deployer":["GitLab"],"artifacts":[{"type":"System","name":"GitLab"}]},"problemtype":{"classof":"CVE Entry","description":{"lang":"eng","value":"CWE-94: An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized users."}},"references":[{"type":"source","label":"NVD","url":"https://www.cve.org/CVERecord?id=CVE-2025-2867"},{"label":"Reference","url":"https://gitlab.com/gitlab-org/gitlab/-/issues/512509"}],"description":{"lang":"eng","value":"An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized users."},"impact":{"avid":{"vuln_id":"CVE-2025-2867","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}}} From 87da8eb5ef21c3dfb2500a0942a210aaaa5625b8 Mon Sep 17 00:00:00 2001 From: shubhobm Date: Sat, 6 Dec 2025 16:49:51 +0530 Subject: [PATCH 3/7] // --- mileva_cves.jsonl | 58 -------------------------------------------- mileva_reports.jsonl | 58 -------------------------------------------- 2 files changed, 116 deletions(-) delete mode 100644 mileva_cves.jsonl delete mode 100644 mileva_reports.jsonl diff --git a/mileva_cves.jsonl b/mileva_cves.jsonl deleted file mode 100644 index 8d822c7..0000000 --- a/mileva_cves.jsonl +++ /dev/null @@ -1,58 +0,0 @@ -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-0132"},"affects":{"developer":["NVIDIA"],"deployer":["NVIDIA"],"artifacts":[{"type":"System","name":"Container Toolkit"},{"type":"System","name":"GPU Operator"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-367: NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-0132"},{"type":"source","label":"https://nvidia.custhelp.com/app/answers/detail/a_id/5582","url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5582"}],"description":{"lang":"eng","value":"CVE-2024-0132 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-0132","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-367","description":"CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition","lang":"en"}]},"published_date":"2024-09-26","last_modified_date":"2024-09-27"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10109"},"affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-863: A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low privilege users to access the sensitive API endpoint \"/api/system/custom-models\". This access enables them to modify the model's API key and base path, leading to potential API key leakage and denial of service on chats."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10109"},{"type":"source","label":"https://huntr.com/bounties/ad3c9e76-679d-4775-b203-96947ff73551","url":"https://huntr.com/bounties/ad3c9e76-679d-4775-b203-96947ff73551"},{"type":"source","label":"https://github.com/mintplex-labs/anything-llm/commit/8d302c3f670c582b09d47e96132c248101447a11","url":"https://github.com/mintplex-labs/anything-llm/commit/8d302c3f670c582b09d47e96132c248101447a11"}],"description":{"lang":"eng","value":"CVE-2024-10109 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10109","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-863","description":"CWE-863 Incorrect Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10273"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-863: In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with viewer roles to modify models owned by others. The PATCH endpoint for models does not have appropriate privilege checks, enabling low-privilege users to update models they should not have access to modify. This vulnerability could lead to unauthorized changes in critical resources, affecting the integrity and reliability of the system."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10273"},{"type":"source","label":"https://huntr.com/bounties/883d9fe2-5730-41e1-a5c2-59972489876e","url":"https://huntr.com/bounties/883d9fe2-5730-41e1-a5c2-59972489876e"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"CVE-2024-10273 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10273","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-863","description":"CWE-863 Incorrect Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10274"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: An improper authorization vulnerability exists in lunary-ai/lunary version 1.5.5. The /users/me/org endpoint lacks adequate access control mechanisms, allowing unauthorized users to access sensitive information about all team members in the current organization. This vulnerability can lead to the disclosure of sensitive information such as names, roles, or emails to users without sufficient privileges, resulting in privacy violations and potential reconnaissance for targeted attacks."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10274"},{"type":"source","label":"https://huntr.com/bounties/506459c1-da60-45c5-a10d-8bd540a4b4c1","url":"https://huntr.com/bounties/506459c1-da60-45c5-a10d-8bd540a4b4c1"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"CVE-2024-10274 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10274","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10330"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary version 1.5.6, the `/v1/evaluators/` endpoint lacks proper access control, allowing any user associated with a project to fetch all evaluator data regardless of their role. This vulnerability permits low-privilege users to access potentially sensitive evaluation data."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10330"},{"type":"source","label":"https://huntr.com/bounties/598ecd65-1723-4fb7-a9aa-9c4f56a5a2aa","url":"https://huntr.com/bounties/598ecd65-1723-4fb7-a9aa-9c4f56a5a2aa"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"CVE-2024-10330 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10330","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10513"},"affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-23: A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs/anything-llm, affecting the latest version prior to 1.2.2. This vulnerability allows users with the 'manager' role to access and manipulate the 'anythingllm.db' database file. By exploiting the vulnerable endpoint '/api/document/move-files', an attacker can move the database file to a publicly accessible directory, download it, and subsequently delete it. This can lead to unauthorized access to sensitive data, privilege escalation, and potential data loss."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10513"},{"type":"source","label":"https://huntr.com/bounties/ad11cecf-161a-4fb1-986f-6f88272cbb9e","url":"https://huntr.com/bounties/ad11cecf-161a-4fb1-986f-6f88272cbb9e"},{"type":"source","label":"https://github.com/mintplex-labs/anything-llm/commit/47a5c7126c20e2277ee56e2c7ee11990886a40a7","url":"https://github.com/mintplex-labs/anything-llm/commit/47a5c7126c20e2277ee56e2c7ee11990886a40a7"}],"description":{"lang":"eng","value":"CVE-2024-10513 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10513","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-23","description":"CWE-23 Relative Path Traversal","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10762"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks proper access control, such as middleware to ensure that only users with appropriate roles can delete evaluator data. This vulnerability allows low-privilege users to delete evaluators data, causing permanent data loss and potentially hindering operations."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10762"},{"type":"source","label":"https://huntr.com/bounties/23ab508e-d956-4861-b28f-0569d3b404a6","url":"https://huntr.com/bounties/23ab508e-d956-4861-b28f-0569d3b404a6"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/91587496673da24cb7ddedfbbd6e602592b20ef6","url":"https://github.com/lunary-ai/lunary/commit/91587496673da24cb7ddedfbbd6e602592b20ef6"}],"description":{"lang":"eng","value":"CVE-2024-10762 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10762","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10821"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-835: A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server (version v5.0.1) allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and a complete denial of service for all users. The affected endpoint is `/api/v1/images/upload`."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10821"},{"type":"source","label":"https://huntr.com/bounties/0ac24835-c4c0-4f11-938a-d5641dfb80b2","url":"https://huntr.com/bounties/0ac24835-c4c0-4f11-938a-d5641dfb80b2"}],"description":{"lang":"eng","value":"CVE-2024-10821 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10821","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-835","description":"CWE-835 Loop with Unreachable Exit Condition","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10829"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-835: A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and complete denial of service for all users. This vulnerability affects all endpoints processing multipart/form-data requests."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10829"},{"type":"source","label":"https://huntr.com/bounties/e3a4a0ad-a2e0-497f-a2e0-e3c0ec7c4de4","url":"https://huntr.com/bounties/e3a4a0ad-a2e0-497f-a2e0-e3c0ec7c4de4"}],"description":{"lang":"eng","value":"CVE-2024-10829 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10829","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-835","description":"CWE-835 Loop with Unreachable Exit Condition","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10830"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-22: A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint `/v1/resource/file/delete`. This vulnerability allows an attacker to delete any file on the server by manipulating the `file_key` parameter. The `file_key` parameter is not properly sanitized, enabling an attacker to specify arbitrary file paths. If the specified file exists, the application will delete it."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10830"},{"type":"source","label":"https://huntr.com/bounties/26adf08a-9262-4d5a-a2ee-ce12ed919620","url":"https://huntr.com/bounties/26adf08a-9262-4d5a-a2ee-ce12ed919620"}],"description":{"lang":"eng","value":"CVE-2024-10830 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10830","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-22","description":"CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10831"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-36: In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the `file_key` and `doc_file.filename` parameters are user-controllable, enabling the construction of paths outside the intended directory. This can lead to overwriting essential system files, such as SSH keys, for further exploitation."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10831"},{"type":"source","label":"https://huntr.com/bounties/5c34c39f-66d4-414c-ab6a-f7888a5d882a","url":"https://huntr.com/bounties/5c34c39f-66d4-414c-ab6a-f7888a5d882a"}],"description":{"lang":"eng","value":"CVE-2024-10831 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10831","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-36","description":"CWE-36 Absolute Path Traversal","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10833"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-36: eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises because the 'doc_file.filename' parameter is user-controllable, enabling the construction of absolute paths."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10833"},{"type":"source","label":"https://huntr.com/bounties/dc58e981-e325-4c11-b4e1-1095890fd15a","url":"https://huntr.com/bounties/dc58e981-e325-4c11-b4e1-1095890fd15a"}],"description":{"lang":"eng","value":"CVE-2024-10833 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10833","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-36","description":"CWE-36 Absolute Path Traversal","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10834"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-73: eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to `os.path.join`, enabling an attacker to write files to arbitrary locations on the target server. This vulnerability can be exploited by setting the `doc_file.filename` to an absolute path, which can lead to overwriting system files or creating new SSH-key entries."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10834"},{"type":"source","label":"https://huntr.com/bounties/0d598508-151a-4050-9ccd-31bb82955e7a","url":"https://huntr.com/bounties/0d598508-151a-4050-9ccd-31bb82955e7a"}],"description":{"lang":"eng","value":"CVE-2024-10834 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10834","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-73","description":"CWE-73 External Control of File Name or Path","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10835"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-89: In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE)."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10835"},{"type":"source","label":"https://huntr.com/bounties/e32fda74-ca83-431c-8de8-08274ba686c9","url":"https://huntr.com/bounties/e32fda74-ca83-431c-8de8-08274ba686c9"}],"description":{"lang":"eng","value":"CVE-2024-10835 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10835","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10906"},"affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-352: In version 0.6.0 of eosphoros-ai/db-gpt, the `uvicorn` app created by `dbgpt_server` uses an overly permissive instance of `CORSMiddleware` which sets the `Access-Control-Allow-Origin` to `*` for all requests. This configuration makes all endpoints exposed by the server vulnerable to Cross-Site Request Forgery (CSRF). An attacker can exploit this vulnerability to interact with any endpoints of the instance, even if the instance is not publicly exposed to the network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10906"},{"type":"source","label":"https://huntr.com/bounties/8864aca5-a342-4dab-b866-b2882ba6f160","url":"https://huntr.com/bounties/8864aca5-a342-4dab-b866-b2882ba6f160"}],"description":{"lang":"eng","value":"CVE-2024-10906 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10906","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"LOW"},"cwe":[{"cweId":"CWE-352","description":"CWE-352 Cross-Site Request Forgery (CSRF)","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10940"},"affects":{"developer":["langchain-ai"],"deployer":["langchain-ai"],"artifacts":[{"type":"System","name":"langchain-ai/langchain"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-497: A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchain_core.prompts.ImagePromptTemplate's (and by extension langchain_core.prompts.ChatPromptTemplate's) with input variables that can read any user-specified path from the server file system. If the outputs of these prompt templates are exposed to the user, either directly or through downstream model outputs, it can lead to the exposure of sensitive information."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10940"},{"type":"source","label":"https://huntr.com/bounties/be1ee1cb-2147-4ff4-a57b-b6045271cf27","url":"https://huntr.com/bounties/be1ee1cb-2147-4ff4-a57b-b6045271cf27"},{"type":"source","label":"https://github.com/langchain-ai/langchain/commit/c1e742347f9701aadba8920e4d1f79a636e50b68","url":"https://github.com/langchain-ai/langchain/commit/c1e742347f9701aadba8920e4d1f79a636e50b68"}],"description":{"lang":"eng","value":"CVE-2024-10940 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10940","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-497","description":"CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10950"},"affects":{"developer":["binary-husky"],"deployer":["binary-husky"],"artifacts":[{"type":"System","name":"binary-husky/gpt_academic"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: In binary-husky/gpt_academic version <= 3.83, the plugin `CodeInterpreter` is vulnerable to code injection caused by prompt injection. The root cause is the execution of user-provided prompts that generate untrusted code without a sandbox, allowing the execution of parts of the LLM-generated code. This vulnerability can be exploited by an attacker to achieve remote code execution (RCE) on the application backend server, potentially gaining full control of the server."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10950"},{"type":"source","label":"https://huntr.com/bounties/9abb1617-0c1d-42c7-a647-d9d2b39c6866","url":"https://huntr.com/bounties/9abb1617-0c1d-42c7-a647-d9d2b39c6866"}],"description":{"lang":"eng","value":"CVE-2024-10950 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10950","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-94","description":"CWE-94 Improper Control of Generation of Code","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-10954"},"affects":{"developer":["binary-husky"],"deployer":["binary-husky"],"artifacts":[{"type":"System","name":"binary-husky/gpt_academic"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability exists due to improper handling of user-provided prompts. The root cause is the execution of untrusted code generated by the LLM without a proper sandbox. This allows an attacker to perform remote code execution (RCE) on the app backend server by injecting malicious code through the prompt."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10954"},{"type":"source","label":"https://huntr.com/bounties/72d034e3-6ca2-495d-98a7-ac9565588c09","url":"https://huntr.com/bounties/72d034e3-6ca2-495d-98a7-ac9565588c09"}],"description":{"lang":"eng","value":"CVE-2024-10954 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-10954","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-94","description":"CWE-94 Improper Control of Generation of Code","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11042"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-73: In invoke-ai/invokeai version v5.0.2, the web API `POST /api/v1/images/delete` is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite databases, and configuration files. This can impact the integrity and availability of applications relying on these files."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11042"},{"type":"source","label":"https://huntr.com/bounties/635535a7-c804-4789-ac3a-48d951263987","url":"https://huntr.com/bounties/635535a7-c804-4789-ac3a-48d951263987"},{"type":"source","label":"https://github.com/invoke-ai/invokeai/commit/5440c037674882b2ab7acd59087e9bb04b49657a","url":"https://github.com/invoke-ai/invokeai/commit/5440c037674882b2ab7acd59087e9bb04b49657a"}],"description":{"lang":"eng","value":"CVE-2024-11042 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-11042","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-73","description":"CWE-73 External Control of File Name or Path","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11043"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-400: A Denial of Service (DoS) vulnerability was discovered in the /api/v1/boards/{board_id} endpoint of invoke-ai/invokeai version v5.0.2. This vulnerability occurs when an excessively large payload is sent in the board_name field during a PATCH request. By sending a large payload, the UI becomes unresponsive, rendering it impossible for users to interact with or manage the affected board. Additionally, the option to delete the board becomes inaccessible, amplifying the severity of the issue."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11043"},{"type":"source","label":"https://huntr.com/bounties/9270900a-b8b7-402f-aee5-432d891e5648","url":"https://huntr.com/bounties/9270900a-b8b7-402f-aee5-432d891e5648"}],"description":{"lang":"eng","value":"CVE-2024-11043 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-11043","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11300"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-639: In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a user can access prompt data of another user. This issue affects version 1.6.2 and the main branch. The vulnerability allows unauthorized users to view sensitive prompt data by accessing specific URLs, leading to potential exposure of critical information."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11300"},{"type":"source","label":"https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4","url":"https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd","url":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd"}],"description":{"lang":"eng","value":"CVE-2024-11300 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-11300","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-639","description":"CWE-639 Authorization Bypass Through User-Controlled Key","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-11301"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-837: In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator. The lack of database constraints or application-layer validation to prevent duplicates exposes the application to data integrity issues. This vulnerability can result in corrupted data and potentially malicious actions, impairing the system's functionality."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11301"},{"type":"source","label":"https://huntr.com/bounties/3d99aca5-b135-4833-b48b-7806bc4bf861","url":"https://huntr.com/bounties/3d99aca5-b135-4833-b48b-7806bc4bf861"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd","url":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd"}],"description":{"lang":"eng","value":"CVE-2024-11301 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-11301","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-837","description":"CWE-837 Improper Enforcement of a Single, Unique Action","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12029"},"affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-502: A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12029"},{"type":"source","label":"https://huntr.com/bounties/9b790f94-1b1b-4071-bc27-78445d1a87a3","url":"https://huntr.com/bounties/9b790f94-1b1b-4071-bc27-78445d1a87a3"},{"type":"source","label":"https://github.com/invoke-ai/invokeai/commit/756008dc5899081c5aa51e5bd8f24c1b3975a59e","url":"https://github.com/invoke-ai/invokeai/commit/756008dc5899081c5aa51e5bd8f24c1b3975a59e"}],"description":{"lang":"eng","value":"CVE-2024-12029 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-12029","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-502","description":"CWE-502 Deserialization of Untrusted Data","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12606"},"affects":{"developer":["opacewebdesign"],"deployer":["opacewebdesign"],"artifacts":[{"type":"System","name":"AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K)"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the engine_request_data() function in all versions up to, and including, 2.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin settings."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12606"},{"type":"source","label":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4bc4a765-719e-4e99-b7f3-d255e4c019f5?source=cve","url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4bc4a765-719e-4e99-b7f3-d255e4c019f5?source=cve"},{"type":"source","label":"https://plugins.trac.wordpress.org/browser/ai-scribe-the-chatgpt-powered-seo-content-creation-wizard/trunk/article_builder.php#L730","url":"https://plugins.trac.wordpress.org/browser/ai-scribe-the-chatgpt-powered-seo-content-creation-wizard/trunk/article_builder.php#L730"}],"description":{"lang":"eng","value":"CVE-2024-12606 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-12606","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"published_date":"2025-01-10","last_modified_date":"2025-01-10"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12704"},"affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-835: A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12704"},{"type":"source","label":"https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a","url":"https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a"},{"type":"source","label":"https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05","url":"https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05"}],"description":{"lang":"eng","value":"CVE-2024-12704 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-12704","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-835","description":"CWE-835 Loop with Unreachable Exit Condition","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12779"},"affects":{"developer":["infiniflow"],"deployer":["infiniflow"],"artifacts":[{"type":"System","name":"infiniflow/ragflow"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-918: A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the `POST /v1/llm/add_llm` and `POST /v1/conversation/tts` endpoints. Attackers can specify an arbitrary URL as the `api_base` when adding an `OPENAITTS` model, and subsequently access the `tts` REST API endpoint to read contents from the specified URL. This can lead to unauthorized access to internal web resources."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12779"},{"type":"source","label":"https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0","url":"https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0"}],"description":{"lang":"eng","value":"CVE-2024-12779 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-12779","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-918","description":"CWE-918 Server-Side Request Forgery (SSRF)","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12909"},"affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-89: A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for SQL injection in the `run_sql_query` function of the `database_agent`. This vulnerability can be exploited by an attacker to inject arbitrary SQL queries, leading to remote code execution (RCE) through the use of PostgreSQL's large object functionality. The issue is fixed in version 0.3.0."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12909"},{"type":"source","label":"https://huntr.com/bounties/44e8177f-200a-4ba3-a12c-8bc21e313a3f","url":"https://huntr.com/bounties/44e8177f-200a-4ba3-a12c-8bc21e313a3f"},{"type":"source","label":"https://github.com/run-llama/llama_index/commit/5d03c175476452db9b8abcdb7d5767dd7b310a75","url":"https://github.com/run-llama/llama_index/commit/5d03c175476452db9b8abcdb7d5767dd7b310a75"}],"description":{"lang":"eng","value":"CVE-2024-12909 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-12909","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-12911"},"affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-89: A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12911"},{"type":"source","label":"https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3","url":"https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"},{"type":"source","label":"https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e","url":"https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e"}],"description":{"lang":"eng","value":"CVE-2024-12911 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-12911","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-49785"},"affects":{"developer":["IBM"],"deployer":["IBM"],"artifacts":[{"type":"System","name":"watsonx.ai"},{"type":"System","name":"watsonx.ai on Cloud Pak for Data"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-79: IBM watsonx.ai 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-49785"},{"type":"source","label":"https://www.ibm.com/support/pages/node/7180723","url":"https://www.ibm.com/support/pages/node/7180723"}],"description":{"lang":"eng","value":"CVE-2024-49785 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-49785","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-79","description":"CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')","lang":"en"}]},"published_date":"2025-01-12","last_modified_date":"2025-01-13"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-6838"},"affects":{"developer":["mlflow"],"deployer":["mlflow"],"artifacts":[{"type":"System","name":"mlflow/mlflow"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-400: In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in its name due to the lack of a limit on the experiment name. This can cause the MLflow UI panel to become unresponsive, leading to a potential denial of service. Additionally, there is no character limit in the `artifact_location` parameter while creating the experiment."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-6838"},{"type":"source","label":"https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0","url":"https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0"}],"description":{"lang":"eng","value":"CVE-2024-6838 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-6838","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"cwe":[{"cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-6842"},"affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-306: In version 1.5.5 of mintplex-labs/anything-llm, the `/setup-complete` API endpoint allows unauthorized users to access sensitive system settings. The data returned by the `currentSettings` function includes sensitive information such as API keys for search engines, which can be exploited by attackers to steal these keys and cause loss of user assets."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-6842"},{"type":"source","label":"https://huntr.com/bounties/cd911fc7-ac6b-4974-acd0-9cc926fa8d9e","url":"https://huntr.com/bounties/cd911fc7-ac6b-4974-acd0-9cc926fa8d9e"},{"type":"source","label":"https://github.com/mintplex-labs/anything-llm/commit/8b1ceb30c159cf3a10efa16275bc6849d84e4ea8","url":"https://github.com/mintplex-labs/anything-llm/commit/8b1ceb30c159cf3a10efa16275bc6849d84e4ea8"}],"description":{"lang":"eng","value":"CVE-2024-6842 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-6842","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-306","description":"CWE-306 Missing Authentication for Critical Function","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-8999"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST /api/v1/data-warehouse/bigquery endpoint. This vulnerability allows any user to export the entire database data by creating a stream to Google BigQuery without proper authentication or authorization. The issue is fixed in version 1.4.26."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-8999"},{"type":"source","label":"https://huntr.com/bounties/d42b7a44-0dcb-4ef0-b15c-d0e558da65c6","url":"https://huntr.com/bounties/d42b7a44-0dcb-4ef0-b15c-d0e558da65c6"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/aa0fd22952d1d84a717ae563eb1ab564d94a9e2b","url":"https://github.com/lunary-ai/lunary/commit/aa0fd22952d1d84a717ae563eb1ab564d94a9e2b"}],"description":{"lang":"eng","value":"CVE-2024-8999 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-8999","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2024-9000"},"affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary before version 1.4.26, the checklists.post() endpoint allows users to create or modify checklists without validating whether the user has proper permissions. This missing access control permits unauthorized users to create checklists, bypassing intended permission checks. Additionally, the endpoint does not validate the uniqueness of the slug field when creating a new checklist, allowing an attacker to spoof existing checklists by reusing the slug of an already-existing checklist. This can lead to significant data integrity issues, as legitimate checklists can be replaced with malicious or altered data."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-9000"},{"type":"source","label":"https://huntr.com/bounties/f5fca549-0a4a-4f64-8ccf-d4e108856da4","url":"https://huntr.com/bounties/f5fca549-0a4a-4f64-8ccf-d4e108856da4"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/a02861ef9bb6ce860a35f7b8f178d58859cd85f0","url":"https://github.com/lunary-ai/lunary/commit/a02861ef9bb6ce860a35f7b8f178d58859cd85f0"}],"description":{"lang":"eng","value":"CVE-2024-9000 Detail"},"impact":{"avid":{"vuln_id":"CVE-2024-9000","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"published_date":"2025-03-20","last_modified_date":"2025-10-15"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-1550"},"affects":{"developer":["Google"],"deployer":["Google"],"artifacts":[{"type":"System","name":"Keras"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, to be loaded and executed during model loading."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1550"},{"type":"source","label":"https://github.com/keras-team/keras/pull/20751","url":"https://github.com/keras-team/keras/pull/20751"},{"type":"source","label":"https://towerofhanoi.it/writeups/cve-2025-1550/","url":"https://towerofhanoi.it/writeups/cve-2025-1550/"}],"description":{"lang":"eng","value":"CVE-2025-1550 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-1550","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-94","description":"CWE-94: Improper Control of Generation of Code ('Code Injection')","lang":"en"}]},"published_date":"2025-03-11","last_modified_date":"2025-07-24"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-1716"},"affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-184: picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a malicious PyPI package (hosted, for example, on pypi.org or GitHub) via `pip.main()`. Because pip is not a restricted global, the model, when scanned with picklescan, would pass security checks and appear to be safe, when it could instead prove to be problematic."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1716"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1716","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1716"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/commit/78ce704227c51f070c0c5fb4b466d92c62a7aa3d","url":"https://github.com/mmaitre314/picklescan/commit/78ce704227c51f070c0c5fb4b466d92c62a7aa3d"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v"}],"description":{"lang":"eng","value":"CVE-2025-1716 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-1716","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-184","description":"CWE-184 Incomplete List of Disallowed Inputs","lang":"en"}]},"published_date":"2025-02-26","last_modified_date":"2025-03-03"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-1889"},"affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-646: picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pickle file with a non-standard file extension. Because the malicious pickle file inclusion is not considered as part of the scope of picklescan, the file would pass security checks and appear to be safe, when it could instead prove to be problematic."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1889"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1889","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1889"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v"}],"description":{"lang":"eng","value":"CVE-2025-1889 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-1889","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-646","description":"CWE-646 Reliance on File Name or Extension of Externally-Supplied File","lang":"en"}]},"published_date":"2025-03-03","last_modified_date":"2025-03-04"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-1944"},"affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-345: picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise a BadZipFile error. However, PyTorch's more forgiving ZIP implementation still allows the model to be loaded, enabling malicious payloads to bypass detection."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1944"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1944","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1944"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7q5r-7gvp-wc82","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7q5r-7gvp-wc82"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781","url":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781"}],"description":{"lang":"eng","value":"CVE-2025-1944 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-1944","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-345","description":"CWE-345 Insufficient Verification of Data Authenticity","lang":"en"}]},"published_date":"2025-03-10","last_modified_date":"2025-03-10"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-1945"},"affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-345: picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully loaded by PyTorch's torch.load(). This can lead to arbitrary code execution when loading a compromised model."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1945"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1945","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1945"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-w8jq-xcqf-f792","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-w8jq-xcqf-f792"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781","url":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781"}],"description":{"lang":"eng","value":"CVE-2025-1945 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-1945","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-345","description":"CWE-345 Insufficient Verification of Data Authenticity","lang":"en"}]},"published_date":"2025-03-10","last_modified_date":"2025-03-10"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2129"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"Mage AI"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-1188: A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. After 7 months of repeated follow-ups by the researcher, Mage AI has decided to not accept this issue as a valid security vulnerability and has confirmed that they will not be addressing it."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2129"},{"type":"source","label":"https://vuldb.com/?id.299049","url":"https://vuldb.com/?id.299049"},{"type":"source","label":"https://vuldb.com/?ctiid.299049","url":"https://vuldb.com/?ctiid.299049"},{"type":"source","label":"https://vuldb.com/?submit.510690","url":"https://vuldb.com/?submit.510690"},{"type":"source","label":"https://github.com/zn9988/publications/blob/main/2.Mage-AI%20-%20Insecure%20Default%20Authentication%20Setup%20Leading%20to%20Zero-Click%20RCE/README.md","url":"https://github.com/zn9988/publications/blob/main/2.Mage-AI%20-%20Insecure%20Default%20Authentication%20Setup%20Leading%20to%20Zero-Click%20RCE/README.md"}],"description":{"lang":"eng","value":"CVE-2025-2129 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-2129","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.6,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-1188","description":"Insecure Default Initialization of Resource","lang":"en"}]},"published_date":"2025-03-09","last_modified_date":"2025-03-10"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-21396"},"affects":{"developer":["Microsoft"],"deployer":["Microsoft"],"artifacts":[{"type":"System","name":"Microsoft Account"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges over a network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-21396"},{"type":"source","label":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21396","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21396"}],"description":{"lang":"eng","value":"CVE-2025-21396 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-21396","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C","baseScore":8.2,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-862","description":"CWE-862: Missing Authorization","lang":"en-US"}]},"published_date":"2025-01-29","last_modified_date":"2025-09-09"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-21415"},"affects":{"developer":["Microsoft"],"deployer":["Microsoft"],"artifacts":[{"type":"System","name":"Azure AI Face Service"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-290: Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-21415"},{"type":"source","label":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21415","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21415"}],"description":{"lang":"eng","value":"CVE-2025-21415 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-21415","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C","baseScore":9.9,"baseSeverity":"CRITICAL"},"cwe":[{"cweId":"CWE-290","description":"CWE-290: Authentication Bypass by Spoofing","lang":"en-US"}]},"published_date":"2025-01-29","last_modified_date":"2025-09-09"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-23359"},"affects":{"developer":["NVIDIA"],"deployer":["NVIDIA"],"artifacts":[{"type":"System","name":"Container Toolkit"},{"type":"System","name":"GPU Operator"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-367: NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-23359"},{"type":"source","label":"https://nvidia.custhelp.com/app/answers/detail/a_id/5616","url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5616"}],"description":{"lang":"eng","value":"CVE-2025-23359 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-23359","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-367","description":"CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition","lang":"en"}]},"published_date":"2025-02-12","last_modified_date":"2025-04-11"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2450"},"affects":{"developer":["NI"],"deployer":["NI"],"artifacts":[{"type":"System","name":"Vision Builder AI"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-356: NI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Vision Builder AI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of VBAI files. The issue results from allowing the execution of dangerous script without user warning. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22833."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2450"},{"type":"source","label":"https://www.zerodayinitiative.com/advisories/ZDI-25-147/","url":"https://www.zerodayinitiative.com/advisories/ZDI-25-147/"}],"description":{"lang":"eng","value":"CVE-2025-2450 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-2450","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-356","description":"CWE-356: Product UI does not Warn User of Unsafe Actions","lang":"en"}]},"published_date":"2025-03-18","last_modified_date":"2025-03-18"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-24986"},"affects":{"developer":["Microsoft"],"deployer":["Microsoft"],"artifacts":[{"type":"System","name":"Azure promptflow-core"},{"type":"System","name":"Azure promptflow-tools"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-653: Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-24986"},{"type":"source","label":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24986","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24986"}],"description":{"lang":"eng","value":"CVE-2025-24986 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-24986","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C","baseScore":6.5,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-653","description":"CWE-653: Improper Isolation or Compartmentalization","lang":"en-US"}]},"published_date":"2025-03-11","last_modified_date":"2025-05-19"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-27520"},"affects":{"developer":["bentoml"],"deployer":["bentoml"],"artifacts":[{"type":"System","name":"BentoML"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-502: BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution (RCE) vulnerability caused by insecure deserialization has been identified in the latest version (v1.4.2) of BentoML. It allows any unauthenticated user to execute arbitrary code on the server. It exists an unsafe code segment in serde.py. This vulnerability is fixed in 1.4.3."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-27520"},{"type":"source","label":"https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc","url":"https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc"},{"type":"source","label":"https://github.com/bentoml/BentoML/commit/b35f4f4fcc53a8c3fe8ed9c18a013fe0a728e194","url":"https://github.com/bentoml/BentoML/commit/b35f4f4fcc53a8c3fe8ed9c18a013fe0a728e194"}],"description":{"lang":"eng","value":"CVE-2025-27520 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-27520","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-502","description":"CWE-502: Deserialization of Untrusted Data","lang":"en"}]},"published_date":"2025-04-04","last_modified_date":"2025-04-04"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2867"},"affects":{"developer":["GitLab"],"deployer":["GitLab"],"artifacts":[{"type":"System","name":"GitLab"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized users."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2867"},{"type":"source","label":"https://gitlab.com/gitlab-org/gitlab/-/issues/512509","url":"https://gitlab.com/gitlab-org/gitlab/-/issues/512509"}],"description":{"lang":"eng","value":"CVE-2025-2867 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-2867","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-94","description":"CWE-94: Improper Control of Generation of Code ('Code Injection')","lang":"en"}]},"published_date":"2025-03-27","last_modified_date":"2025-03-27"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2998"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.pad_packed_sequence. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2998"},{"type":"source","label":"https://vuldb.com/?id.302047","url":"https://vuldb.com/?id.302047"},{"type":"source","label":"https://vuldb.com/?ctiid.302047","url":"https://vuldb.com/?ctiid.302047"},{"type":"source","label":"https://vuldb.com/?submit.524151","url":"https://vuldb.com/?submit.524151"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622","url":"https://github.com/pytorch/pytorch/issues/149622"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265","url":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265"}],"description":{"lang":"eng","value":"CVE-2025-2998 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-2998","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"published_date":"2025-03-31","last_modified_date":"2025-03-31"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-2999"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpack_sequence. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2999"},{"type":"source","label":"https://vuldb.com/?id.302048","url":"https://vuldb.com/?id.302048"},{"type":"source","label":"https://vuldb.com/?ctiid.302048","url":"https://vuldb.com/?ctiid.302048"},{"type":"source","label":"https://vuldb.com/?submit.524198","url":"https://vuldb.com/?submit.524198"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622","url":"https://github.com/pytorch/pytorch/issues/149622"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265","url":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265"}],"description":{"lang":"eng","value":"CVE-2025-2999 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-2999","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"published_date":"2025-03-31","last_modified_date":"2025-03-31"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3000"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3000"},{"type":"source","label":"https://vuldb.com/?id.302049","url":"https://vuldb.com/?id.302049"},{"type":"source","label":"https://vuldb.com/?ctiid.302049","url":"https://vuldb.com/?ctiid.302049"},{"type":"source","label":"https://vuldb.com/?submit.524197","url":"https://vuldb.com/?submit.524197"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149623","url":"https://github.com/pytorch/pytorch/issues/149623"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149623#issue-2935703015","url":"https://github.com/pytorch/pytorch/issues/149623#issue-2935703015"}],"description":{"lang":"eng","value":"CVE-2025-3000 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3000","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"published_date":"2025-03-31","last_modified_date":"2025-03-31"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3001"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3001"},{"type":"source","label":"https://vuldb.com/?id.302050","url":"https://vuldb.com/?id.302050"},{"type":"source","label":"https://vuldb.com/?ctiid.302050","url":"https://vuldb.com/?ctiid.302050"},{"type":"source","label":"https://vuldb.com/?submit.524212","url":"https://vuldb.com/?submit.524212"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149626","url":"https://github.com/pytorch/pytorch/issues/149626"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149626#issue-2935860995","url":"https://github.com/pytorch/pytorch/issues/149626#issue-2935860995"}],"description":{"lang":"eng","value":"CVE-2025-3001 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3001","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"published_date":"2025-03-31","last_modified_date":"2025-03-31"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3035"},"affects":{"developer":["Mozilla"],"deployer":["Mozilla"],"artifacts":[{"type":"System","name":"Firefox"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability affects Firefox < 137."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3035"},{"type":"source","label":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952268","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952268"},{"type":"source","label":"https://www.mozilla.org/security/advisories/mfsa2025-20/","url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"}],"description":{"lang":"eng","value":"CVE-2025-3035 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3035","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}},"published_date":"2025-04-01","last_modified_date":"2025-04-10"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3121"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3121"},{"type":"source","label":"https://vuldb.com/?id.303012","url":"https://vuldb.com/?id.303012"},{"type":"source","label":"https://vuldb.com/?ctiid.303012","url":"https://vuldb.com/?ctiid.303012"},{"type":"source","label":"https://vuldb.com/?submit.525049","url":"https://vuldb.com/?submit.525049"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149800","url":"https://github.com/pytorch/pytorch/issues/149800"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149800#issue-2940240700","url":"https://github.com/pytorch/pytorch/issues/149800#issue-2940240700"}],"description":{"lang":"eng","value":"CVE-2025-3121 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3121","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"published_date":"2025-04-02","last_modified_date":"2025-04-03"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3136"},"affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3136"},{"type":"source","label":"https://vuldb.com/?id.303041","url":"https://vuldb.com/?id.303041"},{"type":"source","label":"https://vuldb.com/?ctiid.303041","url":"https://vuldb.com/?ctiid.303041"},{"type":"source","label":"https://vuldb.com/?submit.525252","url":"https://vuldb.com/?submit.525252"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149821","url":"https://github.com/pytorch/pytorch/issues/149821"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149821#issuecomment-2765311086","url":"https://github.com/pytorch/pytorch/issues/149821#issuecomment-2765311086"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149821#issue-2940838975","url":"https://github.com/pytorch/pytorch/issues/149821#issue-2940838975"}],"description":{"lang":"eng","value":"CVE-2025-3136 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3136","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"published_date":"2025-04-03","last_modified_date":"2025-04-03"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3199"},"affects":{"developer":["ageerle"],"deployer":["ageerle"],"artifacts":[{"type":"System","name":"ruoyi-ai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-285, CWE-266: A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and classified as critical. Affected by this issue is some unknown functionality of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysModelController.java of the component API Interface. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.2 is able to address this issue. The name of the patch is c0daf641fb25b244591b7a6c3affa35c69d321fe. It is recommended to upgrade the affected component."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3199"},{"type":"source","label":"https://vuldb.com/?id.303152","url":"https://vuldb.com/?id.303152"},{"type":"source","label":"https://vuldb.com/?ctiid.303152","url":"https://vuldb.com/?ctiid.303152"},{"type":"source","label":"https://vuldb.com/?submit.545830","url":"https://vuldb.com/?submit.545830"},{"type":"source","label":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_01.md","url":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_01.md"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/issues/43#issuecomment-2763091490","url":"https://github.com/ageerle/ruoyi-ai/issues/43#issuecomment-2763091490"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/issues/43","url":"https://github.com/ageerle/ruoyi-ai/issues/43"},{"type":"source","label":"https://github.com/gwozai/ruoyi-ai/commit/c0daf641fb25b244591b7a6c3affa35c69d321fe","url":"https://github.com/gwozai/ruoyi-ai/commit/c0daf641fb25b244591b7a6c3affa35c69d321fe"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.2","url":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.2"}],"description":{"lang":"eng","value":"CVE-2025-3199 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3199","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-285","description":"Improper Authorization","lang":"en"},{"cweId":"CWE-266","description":"Incorrect Privilege Assignment","lang":"en"}]},"published_date":"2025-04-04","last_modified_date":"2025-04-04"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-32018"},"affects":{"developer":["getcursor"],"deployer":["getcursor"],"artifacts":[{"type":"System","name":"cursor"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-22: Cursor is a code editor built for programming with AI. In versions 0.45.0 through 0.48.6, the Cursor app introduced a regression affecting the set of file paths the Cursor Agent is permitted to modify automatically. Under specific conditions, the agent could be prompted, either directly by the user or via maliciously crafted context, to automatically write to files outside of the opened workspace. This behavior required deliberate prompting, making successful exploitation highly impractical in real-world scenarios. Furthermore, the edited file was still displayed in the UI as usual for user review, making it unlikely for the edit to go unnoticed by the user. This vulnerability is fixed in 0.48.7."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-32018"},{"type":"source","label":"https://github.com/getcursor/cursor/security/advisories/GHSA-qjh8-mh96-fc86","url":"https://github.com/getcursor/cursor/security/advisories/GHSA-qjh8-mh96-fc86"}],"description":{"lang":"eng","value":"CVE-2025-32018 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-32018","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-22","description":"CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","lang":"en"}]},"published_date":"2025-04-08","last_modified_date":"2025-04-08"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3202"},"affects":{"developer":["ageerle"],"deployer":["ageerle"],"artifacts":[{"type":"System","name":"ruoyi-ai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-285, CWE-266: A vulnerability classified as critical has been found in ageerle ruoyi-ai up to 2.0.0. Affected is an unknown function of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysNoticeController.java. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is 6382e177bf90cc56ff70521842409e35c50df32d. It is recommended to upgrade the affected component."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3202"},{"type":"source","label":"https://vuldb.com/?id.303156","url":"https://vuldb.com/?id.303156"},{"type":"source","label":"https://vuldb.com/?ctiid.303156","url":"https://vuldb.com/?ctiid.303156"},{"type":"source","label":"https://vuldb.com/?submit.545866","url":"https://vuldb.com/?submit.545866"},{"type":"source","label":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_02.md","url":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_02.md"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/issues/44#issue-2957771318","url":"https://github.com/ageerle/ruoyi-ai/issues/44#issue-2957771318"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/commit/6382e177bf90cc56ff70521842409e35c50df32d","url":"https://github.com/ageerle/ruoyi-ai/commit/6382e177bf90cc56ff70521842409e35c50df32d"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.1","url":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.1"}],"description":{"lang":"eng","value":"CVE-2025-3202 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3202","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-285","description":"Improper Authorization","lang":"en"},{"cweId":"CWE-266","description":"Incorrect Privilege Assignment","lang":"en"}]},"published_date":"2025-04-04","last_modified_date":"2025-04-04"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-32375"},"affects":{"developer":["bentoml"],"deployer":["bentoml"],"artifacts":[{"type":"System","name":"BentoML"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-502: BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.8, there was an insecure deserialization in BentoML's runner server. By setting specific headers and parameters in the POST request, it is possible to execute any unauthorized arbitrary code on the server, which will grant the attackers to have the initial access and information disclosure on the server. This vulnerability is fixed in 1.4.8."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-32375"},{"type":"source","label":"https://github.com/bentoml/BentoML/security/advisories/GHSA-7v4r-c989-xh26","url":"https://github.com/bentoml/BentoML/security/advisories/GHSA-7v4r-c989-xh26"}],"description":{"lang":"eng","value":"CVE-2025-32375 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-32375","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-502","description":"CWE-502: Deserialization of Untrusted Data","lang":"en"}]},"published_date":"2025-04-09","last_modified_date":"2025-04-09"} -{"data_type":"AVID","data_version":"0.2","metadata":{"vuln_id":"CVE-2025-3248"},"affects":{"developer":["langflow-ai"],"deployer":["langflow-ai"],"artifacts":[{"type":"System","name":"langflow"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-306: Langflow versions prior to 1.3.0 are susceptible to code injection in \nthe /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary\ncode."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3248"},{"type":"source","label":"https://github.com/langflow-ai/langflow/pull/6911","url":"https://github.com/langflow-ai/langflow/pull/6911"},{"type":"source","label":"https://github.com/langflow-ai/langflow/releases/tag/1.3.0","url":"https://github.com/langflow-ai/langflow/releases/tag/1.3.0"},{"type":"source","label":"https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/","url":"https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/"},{"type":"source","label":"https://www.vulncheck.com/advisories/langflow-unauthenticated-rce","url":"https://www.vulncheck.com/advisories/langflow-unauthenticated-rce"}],"description":{"lang":"eng","value":"CVE-2025-3248 Detail"},"impact":{"avid":{"vuln_id":"CVE-2025-3248","risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-306","description":"CWE-306 Missing Authentication for Critical Function","lang":"en"}]},"published_date":"2025-04-07","last_modified_date":"2025-11-29"} diff --git a/mileva_reports.jsonl b/mileva_reports.jsonl deleted file mode 100644 index 98cd997..0000000 --- a/mileva_reports.jsonl +++ /dev/null @@ -1,58 +0,0 @@ -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["NVIDIA"],"deployer":["NVIDIA"],"artifacts":[{"type":"System","name":"Container Toolkit"},{"type":"System","name":"GPU Operator"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-367: NVIDIA Container Toolkit 1.16.1 or earlier contains a Time-of-check Time-of-Use (TOCTOU) vulnerability when used with default configuration where a specifically crafted container image may gain access to the host file system. This does not impact use cases where CDI is used. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-0132"},{"type":"source","label":"https://nvidia.custhelp.com/app/answers/detail/a_id/5582","url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5582"}],"description":{"lang":"eng","value":"CVE-2024-0132 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":9.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-367","description":"CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition","lang":"en"}]},"reported_date":"2024-09-26"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-863: A vulnerability in the mintplex-labs/anything-llm repository, as of commit 5c40419, allows low privilege users to access the sensitive API endpoint \"/api/system/custom-models\". This access enables them to modify the model's API key and base path, leading to potential API key leakage and denial of service on chats."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10109"},{"type":"source","label":"https://huntr.com/bounties/ad3c9e76-679d-4775-b203-96947ff73551","url":"https://huntr.com/bounties/ad3c9e76-679d-4775-b203-96947ff73551"},{"type":"source","label":"https://github.com/mintplex-labs/anything-llm/commit/8d302c3f670c582b09d47e96132c248101447a11","url":"https://github.com/mintplex-labs/anything-llm/commit/8d302c3f670c582b09d47e96132c248101447a11"}],"description":{"lang":"eng","value":"CVE-2024-10109 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"LOW","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-863","description":"CWE-863 Incorrect Authorization","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-863: In lunary-ai/lunary v1.5.0, improper privilege management in the models.ts file allows users with viewer roles to modify models owned by others. The PATCH endpoint for models does not have appropriate privilege checks, enabling low-privilege users to update models they should not have access to modify. This vulnerability could lead to unauthorized changes in critical resources, affecting the integrity and reliability of the system."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10273"},{"type":"source","label":"https://huntr.com/bounties/883d9fe2-5730-41e1-a5c2-59972489876e","url":"https://huntr.com/bounties/883d9fe2-5730-41e1-a5c2-59972489876e"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"CVE-2024-10273 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-863","description":"CWE-863 Incorrect Authorization","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: An improper authorization vulnerability exists in lunary-ai/lunary version 1.5.5. The /users/me/org endpoint lacks adequate access control mechanisms, allowing unauthorized users to access sensitive information about all team members in the current organization. This vulnerability can lead to the disclosure of sensitive information such as names, roles, or emails to users without sufficient privileges, resulting in privacy violations and potential reconnaissance for targeted attacks."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10274"},{"type":"source","label":"https://huntr.com/bounties/506459c1-da60-45c5-a10d-8bd540a4b4c1","url":"https://huntr.com/bounties/506459c1-da60-45c5-a10d-8bd540a4b4c1"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"CVE-2024-10274 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary version 1.5.6, the `/v1/evaluators/` endpoint lacks proper access control, allowing any user associated with a project to fetch all evaluator data regardless of their role. This vulnerability permits low-privilege users to access potentially sensitive evaluation data."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10330"},{"type":"source","label":"https://huntr.com/bounties/598ecd65-1723-4fb7-a9aa-9c4f56a5a2aa","url":"https://huntr.com/bounties/598ecd65-1723-4fb7-a9aa-9c4f56a5a2aa"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc","url":"https://github.com/lunary-ai/lunary/commit/8ba1b8ba2c2c30b1cec30eb5777c1fda670cbbfc"}],"description":{"lang":"eng","value":"CVE-2024-10330 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-23: A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs/anything-llm, affecting the latest version prior to 1.2.2. This vulnerability allows users with the 'manager' role to access and manipulate the 'anythingllm.db' database file. By exploiting the vulnerable endpoint '/api/document/move-files', an attacker can move the database file to a publicly accessible directory, download it, and subsequently delete it. This can lead to unauthorized access to sensitive data, privilege escalation, and potential data loss."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10513"},{"type":"source","label":"https://huntr.com/bounties/ad11cecf-161a-4fb1-986f-6f88272cbb9e","url":"https://huntr.com/bounties/ad11cecf-161a-4fb1-986f-6f88272cbb9e"},{"type":"source","label":"https://github.com/mintplex-labs/anything-llm/commit/47a5c7126c20e2277ee56e2c7ee11990886a40a7","url":"https://github.com/mintplex-labs/anything-llm/commit/47a5c7126c20e2277ee56e2c7ee11990886a40a7"}],"description":{"lang":"eng","value":"CVE-2024-10513 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-23","description":"CWE-23 Relative Path Traversal","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary before version 1.5.9, the /v1/evaluators/ endpoint allows users to delete evaluators of a project by sending a DELETE request. However, the route lacks proper access control, such as middleware to ensure that only users with appropriate roles can delete evaluator data. This vulnerability allows low-privilege users to delete evaluators data, causing permanent data loss and potentially hindering operations."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10762"},{"type":"source","label":"https://huntr.com/bounties/23ab508e-d956-4861-b28f-0569d3b404a6","url":"https://huntr.com/bounties/23ab508e-d956-4861-b28f-0569d3b404a6"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/91587496673da24cb7ddedfbbd6e602592b20ef6","url":"https://github.com/lunary-ai/lunary/commit/91587496673da24cb7ddedfbbd6e602592b20ef6"}],"description":{"lang":"eng","value":"CVE-2024-10762 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-835: A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of the Invoke-AI server (version v5.0.1) allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and a complete denial of service for all users. The affected endpoint is `/api/v1/images/upload`."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10821"},{"type":"source","label":"https://huntr.com/bounties/0ac24835-c4c0-4f11-938a-d5641dfb80b2","url":"https://huntr.com/bounties/0ac24835-c4c0-4f11-938a-d5641dfb80b2"}],"description":{"lang":"eng","value":"CVE-2024-10821 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-835","description":"CWE-835 Loop with Unreachable Exit Condition","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-835: A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and complete denial of service for all users. This vulnerability affects all endpoints processing multipart/form-data requests."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10829"},{"type":"source","label":"https://huntr.com/bounties/e3a4a0ad-a2e0-497f-a2e0-e3c0ec7c4de4","url":"https://huntr.com/bounties/e3a4a0ad-a2e0-497f-a2e0-e3c0ec7c4de4"}],"description":{"lang":"eng","value":"CVE-2024-10829 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-835","description":"CWE-835 Loop with Unreachable Exit Condition","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-22: A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt version 0.6.0 at the API endpoint `/v1/resource/file/delete`. This vulnerability allows an attacker to delete any file on the server by manipulating the `file_key` parameter. The `file_key` parameter is not properly sanitized, enabling an attacker to specify arbitrary file paths. If the specified file exists, the application will delete it."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10830"},{"type":"source","label":"https://huntr.com/bounties/26adf08a-9262-4d5a-a2ee-ce12ed919620","url":"https://huntr.com/bounties/26adf08a-9262-4d5a-a2ee-ce12ed919620"}],"description":{"lang":"eng","value":"CVE-2024-10830 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","baseScore":8.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-22","description":"CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-36: In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the `file_key` and `doc_file.filename` parameters are user-controllable, enabling the construction of paths outside the intended directory. This can lead to overwriting essential system files, such as SSH keys, for further exploitation."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10831"},{"type":"source","label":"https://huntr.com/bounties/5c34c39f-66d4-414c-ab6a-f7888a5d882a","url":"https://huntr.com/bounties/5c34c39f-66d4-414c-ab6a-f7888a5d882a"}],"description":{"lang":"eng","value":"CVE-2024-10831 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-36","description":"CWE-36 Absolute Path Traversal","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-36: eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file write through the knowledge API. The endpoint for uploading files as 'knowledge' is susceptible to absolute path traversal, allowing attackers to write files to arbitrary locations on the target server. This vulnerability arises because the 'doc_file.filename' parameter is user-controllable, enabling the construction of absolute paths."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10833"},{"type":"source","label":"https://huntr.com/bounties/dc58e981-e325-4c11-b4e1-1095890fd15a","url":"https://huntr.com/bounties/dc58e981-e325-4c11-b4e1-1095890fd15a"}],"description":{"lang":"eng","value":"CVE-2024-10833 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-36","description":"CWE-36 Absolute Path Traversal","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-73: eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that allows for arbitrary file write. The issue arises from the ability to pass an absolute path to a call to `os.path.join`, enabling an attacker to write files to arbitrary locations on the target server. This vulnerability can be exploited by setting the `doc_file.filename` to an absolute path, which can lead to overwriting system files or creating new SSH-key entries."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10834"},{"type":"source","label":"https://huntr.com/bounties/0d598508-151a-4050-9ccd-31bb82955e7a","url":"https://huntr.com/bounties/0d598508-151a-4050-9ccd-31bb82955e7a"}],"description":{"lang":"eng","value":"CVE-2024-10834 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-73","description":"CWE-73 External Control of File Name or Path","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-89: In eosphoros-ai/db-gpt version v0.6.0, the web API `POST /api/v1/editor/sql/run` allows execution of arbitrary SQL queries without any access control. This vulnerability can be exploited by attackers to perform Arbitrary File Write using DuckDB SQL, enabling them to write arbitrary files to the victim's file system. This can potentially lead to Remote Code Execution (RCE)."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10835"},{"type":"source","label":"https://huntr.com/bounties/e32fda74-ca83-431c-8de8-08274ba686c9","url":"https://huntr.com/bounties/e32fda74-ca83-431c-8de8-08274ba686c9"}],"description":{"lang":"eng","value":"CVE-2024-10835 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["eosphoros-ai"],"deployer":["eosphoros-ai"],"artifacts":[{"type":"System","name":"eosphoros-ai/db-gpt"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-352: In version 0.6.0 of eosphoros-ai/db-gpt, the `uvicorn` app created by `dbgpt_server` uses an overly permissive instance of `CORSMiddleware` which sets the `Access-Control-Allow-Origin` to `*` for all requests. This configuration makes all endpoints exposed by the server vulnerable to Cross-Site Request Forgery (CSRF). An attacker can exploit this vulnerability to interact with any endpoints of the instance, even if the instance is not publicly exposed to the network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10906"},{"type":"source","label":"https://huntr.com/bounties/8864aca5-a342-4dab-b866-b2882ba6f160","url":"https://huntr.com/bounties/8864aca5-a342-4dab-b866-b2882ba6f160"}],"description":{"lang":"eng","value":"CVE-2024-10906 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"LOW"},"cwe":[{"cweId":"CWE-352","description":"CWE-352 Cross-Site Request Forgery (CSRF)","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["langchain-ai"],"deployer":["langchain-ai"],"artifacts":[{"type":"System","name":"langchain-ai/langchain"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-497: A vulnerability in langchain-core versions >=0.1.17,<0.1.53, >=0.2.0,<0.2.43, and >=0.3.0,<0.3.15 allows unauthorized users to read arbitrary files from the host file system. The issue arises from the ability to create langchain_core.prompts.ImagePromptTemplate's (and by extension langchain_core.prompts.ChatPromptTemplate's) with input variables that can read any user-specified path from the server file system. If the outputs of these prompt templates are exposed to the user, either directly or through downstream model outputs, it can lead to the exposure of sensitive information."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10940"},{"type":"source","label":"https://huntr.com/bounties/be1ee1cb-2147-4ff4-a57b-b6045271cf27","url":"https://huntr.com/bounties/be1ee1cb-2147-4ff4-a57b-b6045271cf27"},{"type":"source","label":"https://github.com/langchain-ai/langchain/commit/c1e742347f9701aadba8920e4d1f79a636e50b68","url":"https://github.com/langchain-ai/langchain/commit/c1e742347f9701aadba8920e4d1f79a636e50b68"}],"description":{"lang":"eng","value":"CVE-2024-10940 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-497","description":"CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["binary-husky"],"deployer":["binary-husky"],"artifacts":[{"type":"System","name":"binary-husky/gpt_academic"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: In binary-husky/gpt_academic version <= 3.83, the plugin `CodeInterpreter` is vulnerable to code injection caused by prompt injection. The root cause is the execution of user-provided prompts that generate untrusted code without a sandbox, allowing the execution of parts of the LLM-generated code. This vulnerability can be exploited by an attacker to achieve remote code execution (RCE) on the application backend server, potentially gaining full control of the server."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10950"},{"type":"source","label":"https://huntr.com/bounties/9abb1617-0c1d-42c7-a647-d9d2b39c6866","url":"https://huntr.com/bounties/9abb1617-0c1d-42c7-a647-d9d2b39c6866"}],"description":{"lang":"eng","value":"CVE-2024-10950 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-94","description":"CWE-94 Improper Control of Generation of Code","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["binary-husky"],"deployer":["binary-husky"],"artifacts":[{"type":"System","name":"binary-husky/gpt_academic"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability exists due to improper handling of user-provided prompts. The root cause is the execution of untrusted code generated by the LLM without a proper sandbox. This allows an attacker to perform remote code execution (RCE) on the app backend server by injecting malicious code through the prompt."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-10954"},{"type":"source","label":"https://huntr.com/bounties/72d034e3-6ca2-495d-98a7-ac9565588c09","url":"https://huntr.com/bounties/72d034e3-6ca2-495d-98a7-ac9565588c09"}],"description":{"lang":"eng","value":"CVE-2024-10954 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-94","description":"CWE-94 Improper Control of Generation of Code","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-73: In invoke-ai/invokeai version v5.0.2, the web API `POST /api/v1/images/delete` is vulnerable to Arbitrary File Deletion. This vulnerability allows unauthorized attackers to delete arbitrary files on the server, potentially including critical or sensitive system files such as SSH keys, SQLite databases, and configuration files. This can impact the integrity and availability of applications relying on these files."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11042"},{"type":"source","label":"https://huntr.com/bounties/635535a7-c804-4789-ac3a-48d951263987","url":"https://huntr.com/bounties/635535a7-c804-4789-ac3a-48d951263987"},{"type":"source","label":"https://github.com/invoke-ai/invokeai/commit/5440c037674882b2ab7acd59087e9bb04b49657a","url":"https://github.com/invoke-ai/invokeai/commit/5440c037674882b2ab7acd59087e9bb04b49657a"}],"description":{"lang":"eng","value":"CVE-2024-11042 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-73","description":"CWE-73 External Control of File Name or Path","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-400: A Denial of Service (DoS) vulnerability was discovered in the /api/v1/boards/{board_id} endpoint of invoke-ai/invokeai version v5.0.2. This vulnerability occurs when an excessively large payload is sent in the board_name field during a PATCH request. By sending a large payload, the UI becomes unresponsive, rendering it impossible for users to interact with or manage the affected board. Additionally, the option to delete the board becomes inaccessible, amplifying the severity of the issue."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11043"},{"type":"source","label":"https://huntr.com/bounties/9270900a-b8b7-402f-aee5-432d891e5648","url":"https://huntr.com/bounties/9270900a-b8b7-402f-aee5-432d891e5648"}],"description":{"lang":"eng","value":"CVE-2024-11043 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-639: In lunary-ai/lunary before version 1.6.3, an improper access control vulnerability exists where a user can access prompt data of another user. This issue affects version 1.6.2 and the main branch. The vulnerability allows unauthorized users to view sensitive prompt data by accessing specific URLs, leading to potential exposure of critical information."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11300"},{"type":"source","label":"https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4","url":"https://huntr.com/bounties/8dca7994-0d92-491e-a419-02adfe23ffa4"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd","url":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd"}],"description":{"lang":"eng","value":"CVE-2024-11300 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-639","description":"CWE-639 Authorization Bypass Through User-Controlled Key","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-837: In lunary-ai/lunary before version 1.6.3, the application allows the creation of evaluators without enforcing a unique constraint on the combination of projectId and slug. This allows an attacker to overwrite existing data by submitting a POST request with the same slug as an existing evaluator. The lack of database constraints or application-layer validation to prevent duplicates exposes the application to data integrity issues. This vulnerability can result in corrupted data and potentially malicious actions, impairing the system's functionality."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-11301"},{"type":"source","label":"https://huntr.com/bounties/3d99aca5-b135-4833-b48b-7806bc4bf861","url":"https://huntr.com/bounties/3d99aca5-b135-4833-b48b-7806bc4bf861"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd","url":"https://github.com/lunary-ai/lunary/commit/79dc370596d979b756f6ea0250d97a2d02385ecd"}],"description":{"lang":"eng","value":"CVE-2024-11301 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-837","description":"CWE-837 Improper Enforcement of a Single, Unique Action","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["invoke-ai"],"deployer":["invoke-ai"],"artifacts":[{"type":"System","name":"invoke-ai/invokeai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-502: A remote code execution vulnerability exists in invoke-ai/invokeai versions 5.3.1 through 5.4.2 via the /api/v2/models/install API. The vulnerability arises from unsafe deserialization of model files using torch.load without proper validation. Attackers can exploit this by embedding malicious code in model files, which is executed upon loading. This issue is fixed in version 5.4.3."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12029"},{"type":"source","label":"https://huntr.com/bounties/9b790f94-1b1b-4071-bc27-78445d1a87a3","url":"https://huntr.com/bounties/9b790f94-1b1b-4071-bc27-78445d1a87a3"},{"type":"source","label":"https://github.com/invoke-ai/invokeai/commit/756008dc5899081c5aa51e5bd8f24c1b3975a59e","url":"https://github.com/invoke-ai/invokeai/commit/756008dc5899081c5aa51e5bd8f24c1b3975a59e"}],"description":{"lang":"eng","value":"CVE-2024-12029 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-502","description":"CWE-502 Deserialization of Untrusted Data","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["opacewebdesign"],"deployer":["opacewebdesign"],"artifacts":[{"type":"System","name":"AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K)"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: The AI Scribe – SEO AI Writer, Content Generator, Humanizer, Blog Writer, SEO Optimizer, DALLE-3, AI WordPress Plugin ChatGPT (GPT-4o 128K) plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the engine_request_data() function in all versions up to, and including, 2.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update plugin settings."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12606"},{"type":"source","label":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4bc4a765-719e-4e99-b7f3-d255e4c019f5?source=cve","url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/4bc4a765-719e-4e99-b7f3-d255e4c019f5?source=cve"},{"type":"source","label":"https://plugins.trac.wordpress.org/browser/ai-scribe-the-chatgpt-powered-seo-content-creation-wizard/trunk/article_builder.php#L730","url":"https://plugins.trac.wordpress.org/browser/ai-scribe-the-chatgpt-powered-seo-content-creation-wizard/trunk/article_builder.php#L730"}],"description":{"lang":"eng","value":"CVE-2024-12606 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"reported_date":"2025-01-10"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-835: A vulnerability in the LangChainLLM class of the run-llama/llama_index repository, version v0.12.5, allows for a Denial of Service (DoS) attack. The stream_complete method executes the llm using a thread and retrieves the result via the get_response_gen method of the StreamingGeneratorCallbackHandler class. If the thread terminates abnormally before the _llm.predict is executed, there is no exception handling for this case, leading to an infinite loop in the get_response_gen function. This can be triggered by providing an input of an incorrect type, causing the thread to terminate and the process to continue running indefinitely."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12704"},{"type":"source","label":"https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a","url":"https://huntr.com/bounties/a0b638fd-21c6-4ba7-b381-6ab98472a02a"},{"type":"source","label":"https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05","url":"https://github.com/run-llama/llama_index/commit/d1ecfb77578d089cbe66728f18f635c09aa32a05"}],"description":{"lang":"eng","value":"CVE-2024-12704 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-835","description":"CWE-835 Loop with Unreachable Exit Condition","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["infiniflow"],"deployer":["infiniflow"],"artifacts":[{"type":"System","name":"infiniflow/ragflow"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-918: A Server-Side Request Forgery (SSRF) vulnerability exists in infiniflow/ragflow version 0.12.0. The vulnerability is present in the `POST /v1/llm/add_llm` and `POST /v1/conversation/tts` endpoints. Attackers can specify an arbitrary URL as the `api_base` when adding an `OPENAITTS` model, and subsequently access the `tts` REST API endpoint to read contents from the specified URL. This can lead to unauthorized access to internal web resources."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12779"},{"type":"source","label":"https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0","url":"https://huntr.com/bounties/3cc748ba-2afb-4bfe-8553-10eb6d6dd4f0"}],"description":{"lang":"eng","value":"CVE-2024-12779 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-918","description":"CWE-918 Server-Side Request Forgery (SSRF)","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-89: A vulnerability in the FinanceChatLlamaPack of the run-llama/llama_index repository, versions up to v0.12.3, allows for SQL injection in the `run_sql_query` function of the `database_agent`. This vulnerability can be exploited by an attacker to inject arbitrary SQL queries, leading to remote code execution (RCE) through the use of PostgreSQL's large object functionality. The issue is fixed in version 0.3.0."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12909"},{"type":"source","label":"https://huntr.com/bounties/44e8177f-200a-4ba3-a12c-8bc21e313a3f","url":"https://huntr.com/bounties/44e8177f-200a-4ba3-a12c-8bc21e313a3f"},{"type":"source","label":"https://github.com/run-llama/llama_index/commit/5d03c175476452db9b8abcdb7d5767dd7b310a75","url":"https://github.com/run-llama/llama_index/commit/5d03c175476452db9b8abcdb7d5767dd7b310a75"}],"description":{"lang":"eng","value":"CVE-2024-12909 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["run-llama"],"deployer":["run-llama"],"artifacts":[{"type":"System","name":"run-llama/llama_index"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-89: A vulnerability in the `default_jsonalyzer` function of the `JSONalyzeQueryEngine` in the run-llama/llama_index repository allows for SQL injection via prompt injection. This can lead to arbitrary file creation and Denial-of-Service (DoS) attacks. The vulnerability affects the latest version and is fixed in version 0.5.1."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-12911"},{"type":"source","label":"https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3","url":"https://huntr.com/bounties/095f9e67-311d-494c-99c5-5e61a0adb8f3"},{"type":"source","label":"https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e","url":"https://github.com/run-llama/llama_index/commit/bf282074e20e7dafd5e2066137dcd4cd17c3fb9e"}],"description":{"lang":"eng","value":"CVE-2024-12911 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-89","description":"CWE-89 Improper Neutralization of Special Elements used in an SQL Command","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["IBM"],"deployer":["IBM"],"artifacts":[{"type":"System","name":"watsonx.ai"},{"type":"System","name":"watsonx.ai on Cloud Pak for Data"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-79: IBM watsonx.ai 1.1 through 2.0.3 and IBM watsonx.ai on Cloud Pak for Data 4.8 through 5.0.3 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-49785"},{"type":"source","label":"https://www.ibm.com/support/pages/node/7180723","url":"https://www.ibm.com/support/pages/node/7180723"}],"description":{"lang":"eng","value":"CVE-2024-49785 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-79","description":"CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')","lang":"en"}]},"reported_date":"2025-01-12"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mlflow"],"deployer":["mlflow"],"artifacts":[{"type":"System","name":"mlflow/mlflow"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-400: In mlflow/mlflow version v2.13.2, a vulnerability exists that allows the creation or renaming of an experiment with a large number of integers in its name due to the lack of a limit on the experiment name. This can cause the MLflow UI panel to become unresponsive, leading to a potential denial of service. Additionally, there is no character limit in the `artifact_location` parameter while creating the experiment."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-6838"},{"type":"source","label":"https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0","url":"https://huntr.com/bounties/8ad52cb2-2cda-4eb0-aec9-586060ee43e0"}],"description":{"lang":"eng","value":"CVE-2024-6838 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","baseScore":5.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"cwe":[{"cweId":"CWE-400","description":"CWE-400 Uncontrolled Resource Consumption","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mintplex-labs"],"deployer":["mintplex-labs"],"artifacts":[{"type":"System","name":"mintplex-labs/anything-llm"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-306: In version 1.5.5 of mintplex-labs/anything-llm, the `/setup-complete` API endpoint allows unauthorized users to access sensitive system settings. The data returned by the `currentSettings` function includes sensitive information such as API keys for search engines, which can be exploited by attackers to steal these keys and cause loss of user assets."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-6842"},{"type":"source","label":"https://huntr.com/bounties/cd911fc7-ac6b-4974-acd0-9cc926fa8d9e","url":"https://huntr.com/bounties/cd911fc7-ac6b-4974-acd0-9cc926fa8d9e"},{"type":"source","label":"https://github.com/mintplex-labs/anything-llm/commit/8b1ceb30c159cf3a10efa16275bc6849d84e4ea8","url":"https://github.com/mintplex-labs/anything-llm/commit/8b1ceb30c159cf3a10efa16275bc6849d84e4ea8"}],"description":{"lang":"eng","value":"CVE-2024-6842 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-306","description":"CWE-306 Missing Authentication for Critical Function","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: lunary-ai/lunary version v1.4.25 contains an improper access control vulnerability in the POST /api/v1/data-warehouse/bigquery endpoint. This vulnerability allows any user to export the entire database data by creating a stream to Google BigQuery without proper authentication or authorization. The issue is fixed in version 1.4.26."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-8999"},{"type":"source","label":"https://huntr.com/bounties/d42b7a44-0dcb-4ef0-b15c-d0e558da65c6","url":"https://huntr.com/bounties/d42b7a44-0dcb-4ef0-b15c-d0e558da65c6"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/aa0fd22952d1d84a717ae563eb1ab564d94a9e2b","url":"https://github.com/lunary-ai/lunary/commit/aa0fd22952d1d84a717ae563eb1ab564d94a9e2b"}],"description":{"lang":"eng","value":"CVE-2024-8999 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["lunary-ai"],"deployer":["lunary-ai"],"artifacts":[{"type":"System","name":"lunary-ai/lunary"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: In lunary-ai/lunary before version 1.4.26, the checklists.post() endpoint allows users to create or modify checklists without validating whether the user has proper permissions. This missing access control permits unauthorized users to create checklists, bypassing intended permission checks. Additionally, the endpoint does not validate the uniqueness of the slug field when creating a new checklist, allowing an attacker to spoof existing checklists by reusing the slug of an already-existing checklist. This can lead to significant data integrity issues, as legitimate checklists can be replaced with malicious or altered data."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2024-9000"},{"type":"source","label":"https://huntr.com/bounties/f5fca549-0a4a-4f64-8ccf-d4e108856da4","url":"https://huntr.com/bounties/f5fca549-0a4a-4f64-8ccf-d4e108856da4"},{"type":"source","label":"https://github.com/lunary-ai/lunary/commit/a02861ef9bb6ce860a35f7b8f178d58859cd85f0","url":"https://github.com/lunary-ai/lunary/commit/a02861ef9bb6ce860a35f7b8f178d58859cd85f0"}],"description":{"lang":"eng","value":"CVE-2024-9000 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N","baseScore":7.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"HIGH","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-862","description":"CWE-862 Missing Authorization","lang":"en"}]},"reported_date":"2025-03-20"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["Google"],"deployer":["Google"],"artifacts":[{"type":"System","name":"Keras"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, to be loaded and executed during model loading."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1550"},{"type":"source","label":"https://github.com/keras-team/keras/pull/20751","url":"https://github.com/keras-team/keras/pull/20751"},{"type":"source","label":"https://towerofhanoi.it/writeups/cve-2025-1550/","url":"https://towerofhanoi.it/writeups/cve-2025-1550/"}],"description":{"lang":"eng","value":"CVE-2025-1550 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-94","description":"CWE-94: Improper Control of Generation of Code ('Code Injection')","lang":"en"}]},"reported_date":"2025-03-11"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-184: picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An attacker could craft a malicious model that uses Pickle to pull in a malicious PyPI package (hosted, for example, on pypi.org or GitHub) via `pip.main()`. Because pip is not a restricted global, the model, when scanned with picklescan, would pass security checks and appear to be safe, when it could instead prove to be problematic."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1716"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1716","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1716"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/commit/78ce704227c51f070c0c5fb4b466d92c62a7aa3d","url":"https://github.com/mmaitre314/picklescan/commit/78ce704227c51f070c0c5fb4b466d92c62a7aa3d"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v"}],"description":{"lang":"eng","value":"CVE-2025-1716 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-184","description":"CWE-184 Incomplete List of Disallowed Inputs","lang":"en"}]},"reported_date":"2025-02-26"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-646: picklescan before 0.0.22 only considers standard pickle file extensions in the scope for its vulnerability scan. An attacker could craft a malicious model that uses Pickle and include a malicious pickle file with a non-standard file extension. Because the malicious pickle file inclusion is not considered as part of the scope of picklescan, the file would pass security checks and appear to be safe, when it could instead prove to be problematic."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1889"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1889","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1889"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-655q-fx9r-782v"}],"description":{"lang":"eng","value":"CVE-2025-1889 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-646","description":"CWE-646 Reliance on File Name or Extension of Externally-Supplied File","lang":"en"}]},"reported_date":"2025-03-03"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-345: picklescan before 0.0.23 is vulnerable to a ZIP archive manipulation attack that causes it to crash when attempting to extract and scan PyTorch model archives. By modifying the filename in the ZIP header while keeping the original filename in the directory listing, an attacker can make PickleScan raise a BadZipFile error. However, PyTorch's more forgiving ZIP implementation still allows the model to be loaded, enabling malicious payloads to bypass detection."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1944"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1944","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1944"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7q5r-7gvp-wc82","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-7q5r-7gvp-wc82"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781","url":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781"}],"description":{"lang":"eng","value":"CVE-2025-1944 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-345","description":"CWE-345 Insufficient Verification of Data Authenticity","lang":"en"}]},"reported_date":"2025-03-10"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["mmaitre314"],"deployer":["mmaitre314"],"artifacts":[{"type":"System","name":"picklescan"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-345: picklescan before 0.0.23 fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully loaded by PyTorch's torch.load(). This can lead to arbitrary code execution when loading a compromised model."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-1945"},{"type":"source","label":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1945","url":"https://sites.google.com/sonatype.com/vulnerabilities/cve-2025-1945"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-w8jq-xcqf-f792","url":"https://github.com/mmaitre314/picklescan/security/advisories/GHSA-w8jq-xcqf-f792"},{"type":"source","label":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781","url":"https://github.com/mmaitre314/picklescan/commit/e58e45e0d9e091159c1554f9b04828bbb40b9781"}],"description":{"lang":"eng","value":"CVE-2025-1945 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cwe":[{"cweId":"CWE-345","description":"CWE-345 Insufficient Verification of Data Authenticity","lang":"en"}]},"reported_date":"2025-03-10"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"Mage AI"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-1188: A vulnerability was found in Mage AI 0.9.75. It has been classified as problematic. This affects an unknown part. The manipulation leads to insecure default initialization of resource. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. After 7 months of repeated follow-ups by the researcher, Mage AI has decided to not accept this issue as a valid security vulnerability and has confirmed that they will not be addressing it."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2129"},{"type":"source","label":"https://vuldb.com/?id.299049","url":"https://vuldb.com/?id.299049"},{"type":"source","label":"https://vuldb.com/?ctiid.299049","url":"https://vuldb.com/?ctiid.299049"},{"type":"source","label":"https://vuldb.com/?submit.510690","url":"https://vuldb.com/?submit.510690"},{"type":"source","label":"https://github.com/zn9988/publications/blob/main/2.Mage-AI%20-%20Insecure%20Default%20Authentication%20Setup%20Leading%20to%20Zero-Click%20RCE/README.md","url":"https://github.com/zn9988/publications/blob/main/2.Mage-AI%20-%20Insecure%20Default%20Authentication%20Setup%20Leading%20to%20Zero-Click%20RCE/README.md"}],"description":{"lang":"eng","value":"CVE-2025-2129 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":5.6,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-1188","description":"Insecure Default Initialization of Resource","lang":"en"}]},"reported_date":"2025-03-09"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["Microsoft"],"deployer":["Microsoft"],"artifacts":[{"type":"System","name":"Microsoft Account"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-862: Missing authorization in Microsoft Account allows an unauthorized attacker to elevate privileges over a network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-21396"},{"type":"source","label":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21396","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21396"}],"description":{"lang":"eng","value":"CVE-2025-21396 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:U/RL:O/RC:C","baseScore":8.2,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-862","description":"CWE-862: Missing Authorization","lang":"en-US"}]},"reported_date":"2025-01-29"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["Microsoft"],"deployer":["Microsoft"],"artifacts":[{"type":"System","name":"Azure AI Face Service"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-290: Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-21415"},{"type":"source","label":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21415","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21415"}],"description":{"lang":"eng","value":"CVE-2025-21415 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:P/RL:O/RC:C","baseScore":9.9,"baseSeverity":"CRITICAL"},"cwe":[{"cweId":"CWE-290","description":"CWE-290: Authentication Bypass by Spoofing","lang":"en-US"}]},"reported_date":"2025-01-29"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["NVIDIA"],"deployer":["NVIDIA"],"artifacts":[{"type":"System","name":"Container Toolkit"},{"type":"System","name":"GPU Operator"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-367: NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-23359"},{"type":"source","label":"https://nvidia.custhelp.com/app/answers/detail/a_id/5616","url":"https://nvidia.custhelp.com/app/answers/detail/a_id/5616"}],"description":{"lang":"eng","value":"CVE-2025-23359 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-367","description":"CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition","lang":"en"}]},"reported_date":"2025-02-12"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["NI"],"deployer":["NI"],"artifacts":[{"type":"System","name":"Vision Builder AI"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-356: NI Vision Builder AI VBAI File Processing Missing Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of NI Vision Builder AI. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the processing of VBAI files. The issue results from allowing the execution of dangerous script without user warning. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-22833."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2450"},{"type":"source","label":"https://www.zerodayinitiative.com/advisories/ZDI-25-147/","url":"https://www.zerodayinitiative.com/advisories/ZDI-25-147/"}],"description":{"lang":"eng","value":"CVE-2025-2450 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-356","description":"CWE-356: Product UI does not Warn User of Unsafe Actions","lang":"en"}]},"reported_date":"2025-03-18"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["Microsoft"],"deployer":["Microsoft"],"artifacts":[{"type":"System","name":"Azure promptflow-core"},{"type":"System","name":"Azure promptflow-tools"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-653: Improper isolation or compartmentalization in Azure PromptFlow allows an unauthorized attacker to execute code over a network."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-24986"},{"type":"source","label":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24986","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24986"}],"description":{"lang":"eng","value":"CVE-2025-24986 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C","baseScore":6.5,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-653","description":"CWE-653: Improper Isolation or Compartmentalization","lang":"en-US"}]},"reported_date":"2025-03-11"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["bentoml"],"deployer":["bentoml"],"artifacts":[{"type":"System","name":"BentoML"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-502: BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution (RCE) vulnerability caused by insecure deserialization has been identified in the latest version (v1.4.2) of BentoML. It allows any unauthenticated user to execute arbitrary code on the server. It exists an unsafe code segment in serde.py. This vulnerability is fixed in 1.4.3."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-27520"},{"type":"source","label":"https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc","url":"https://github.com/bentoml/BentoML/security/advisories/GHSA-33xw-247w-6hmc"},{"type":"source","label":"https://github.com/bentoml/BentoML/commit/b35f4f4fcc53a8c3fe8ed9c18a013fe0a728e194","url":"https://github.com/bentoml/BentoML/commit/b35f4f4fcc53a8c3fe8ed9c18a013fe0a728e194"}],"description":{"lang":"eng","value":"CVE-2025-27520 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-502","description":"CWE-502: Deserialization of Untrusted Data","lang":"en"}]},"reported_date":"2025-04-04"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["GitLab"],"deployer":["GitLab"],"artifacts":[{"type":"System","name":"GitLab"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-94: An issue has been discovered in the GitLab Duo with Amazon Q affecting all versions from 17.8 before 17.8.6, 17.9 before 17.9.3, and 17.10 before 17.10.1. A specifically crafted issue could manipulate AI-assisted development features to potentially expose sensitive project data to unauthorized users."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2867"},{"type":"source","label":"https://gitlab.com/gitlab-org/gitlab/-/issues/512509","url":"https://gitlab.com/gitlab-org/gitlab/-/issues/512509"}],"description":{"lang":"eng","value":"CVE-2025-2867 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"cwe":[{"cweId":"CWE-94","description":"CWE-94: Improper Control of Generation of Code ('Code Injection')","lang":"en"}]},"reported_date":"2025-03-27"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.pad_packed_sequence. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2998"},{"type":"source","label":"https://vuldb.com/?id.302047","url":"https://vuldb.com/?id.302047"},{"type":"source","label":"https://vuldb.com/?ctiid.302047","url":"https://vuldb.com/?ctiid.302047"},{"type":"source","label":"https://vuldb.com/?submit.524151","url":"https://vuldb.com/?submit.524151"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622","url":"https://github.com/pytorch/pytorch/issues/149622"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265","url":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265"}],"description":{"lang":"eng","value":"CVE-2025-2998 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"reported_date":"2025-03-31"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpack_sequence. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-2999"},{"type":"source","label":"https://vuldb.com/?id.302048","url":"https://vuldb.com/?id.302048"},{"type":"source","label":"https://vuldb.com/?ctiid.302048","url":"https://vuldb.com/?ctiid.302048"},{"type":"source","label":"https://vuldb.com/?submit.524198","url":"https://vuldb.com/?submit.524198"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622","url":"https://github.com/pytorch/pytorch/issues/149622"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265","url":"https://github.com/pytorch/pytorch/issues/149622#issue-2935495265"}],"description":{"lang":"eng","value":"CVE-2025-2999 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"reported_date":"2025-03-31"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3000"},{"type":"source","label":"https://vuldb.com/?id.302049","url":"https://vuldb.com/?id.302049"},{"type":"source","label":"https://vuldb.com/?ctiid.302049","url":"https://vuldb.com/?ctiid.302049"},{"type":"source","label":"https://vuldb.com/?submit.524197","url":"https://vuldb.com/?submit.524197"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149623","url":"https://github.com/pytorch/pytorch/issues/149623"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149623#issue-2935703015","url":"https://github.com/pytorch/pytorch/issues/149623#issue-2935703015"}],"description":{"lang":"eng","value":"CVE-2025-3000 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"reported_date":"2025-03-31"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3001"},{"type":"source","label":"https://vuldb.com/?id.302050","url":"https://vuldb.com/?id.302050"},{"type":"source","label":"https://vuldb.com/?ctiid.302050","url":"https://vuldb.com/?ctiid.302050"},{"type":"source","label":"https://vuldb.com/?submit.524212","url":"https://vuldb.com/?submit.524212"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149626","url":"https://github.com/pytorch/pytorch/issues/149626"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149626#issue-2935860995","url":"https://github.com/pytorch/pytorch/issues/149626#issue-2935860995"}],"description":{"lang":"eng","value":"CVE-2025-3001 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":5.3,"baseSeverity":"MEDIUM"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"reported_date":"2025-03-31"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["Mozilla"],"deployer":["Mozilla"],"artifacts":[{"type":"System","name":"Firefox"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"By first using the AI chatbot in one tab and later activating it in another tab, the document title of the previous tab would leak into the chat prompt. This vulnerability affects Firefox < 137."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3035"},{"type":"source","label":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952268","url":"https://bugzilla.mozilla.org/show_bug.cgi?id=1952268"},{"type":"source","label":"https://www.mozilla.org/security/advisories/mfsa2025-20/","url":"https://www.mozilla.org/security/advisories/mfsa2025-20/"}],"description":{"lang":"eng","value":"CVE-2025-3035 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"}},"reported_date":"2025-04-01"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability classified as problematic has been found in PyTorch 2.6.0. Affected is the function torch.jit.jit_module_from_flatbuffer. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3121"},{"type":"source","label":"https://vuldb.com/?id.303012","url":"https://vuldb.com/?id.303012"},{"type":"source","label":"https://vuldb.com/?ctiid.303012","url":"https://vuldb.com/?ctiid.303012"},{"type":"source","label":"https://vuldb.com/?submit.525049","url":"https://vuldb.com/?submit.525049"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149800","url":"https://github.com/pytorch/pytorch/issues/149800"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149800#issue-2940240700","url":"https://github.com/pytorch/pytorch/issues/149800#issue-2940240700"}],"description":{"lang":"eng","value":"CVE-2025-3121 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"reported_date":"2025-04-02"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["n/a"],"deployer":["n/a"],"artifacts":[{"type":"System","name":"PyTorch"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-119: A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3136"},{"type":"source","label":"https://vuldb.com/?id.303041","url":"https://vuldb.com/?id.303041"},{"type":"source","label":"https://vuldb.com/?ctiid.303041","url":"https://vuldb.com/?ctiid.303041"},{"type":"source","label":"https://vuldb.com/?submit.525252","url":"https://vuldb.com/?submit.525252"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149821","url":"https://github.com/pytorch/pytorch/issues/149821"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149821#issuecomment-2765311086","url":"https://github.com/pytorch/pytorch/issues/149821#issuecomment-2765311086"},{"type":"source","label":"https://github.com/pytorch/pytorch/issues/149821#issue-2940838975","url":"https://github.com/pytorch/pytorch/issues/149821#issue-2940838975"}],"description":{"lang":"eng","value":"CVE-2025-3136 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L","baseScore":3.3,"baseSeverity":"LOW"},"cwe":[{"cweId":"CWE-119","description":"Memory Corruption","lang":"en"}]},"reported_date":"2025-04-03"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["ageerle"],"deployer":["ageerle"],"artifacts":[{"type":"System","name":"ruoyi-ai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-285, CWE-266: A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and classified as critical. Affected by this issue is some unknown functionality of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysModelController.java of the component API Interface. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.2 is able to address this issue. The name of the patch is c0daf641fb25b244591b7a6c3affa35c69d321fe. It is recommended to upgrade the affected component."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3199"},{"type":"source","label":"https://vuldb.com/?id.303152","url":"https://vuldb.com/?id.303152"},{"type":"source","label":"https://vuldb.com/?ctiid.303152","url":"https://vuldb.com/?ctiid.303152"},{"type":"source","label":"https://vuldb.com/?submit.545830","url":"https://vuldb.com/?submit.545830"},{"type":"source","label":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_01.md","url":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_01.md"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/issues/43#issuecomment-2763091490","url":"https://github.com/ageerle/ruoyi-ai/issues/43#issuecomment-2763091490"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/issues/43","url":"https://github.com/ageerle/ruoyi-ai/issues/43"},{"type":"source","label":"https://github.com/gwozai/ruoyi-ai/commit/c0daf641fb25b244591b7a6c3affa35c69d321fe","url":"https://github.com/gwozai/ruoyi-ai/commit/c0daf641fb25b244591b7a6c3affa35c69d321fe"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.2","url":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.2"}],"description":{"lang":"eng","value":"CVE-2025-3199 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-285","description":"Improper Authorization","lang":"en"},{"cweId":"CWE-266","description":"Incorrect Privilege Assignment","lang":"en"}]},"reported_date":"2025-04-04"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["getcursor"],"deployer":["getcursor"],"artifacts":[{"type":"System","name":"cursor"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-22: Cursor is a code editor built for programming with AI. In versions 0.45.0 through 0.48.6, the Cursor app introduced a regression affecting the set of file paths the Cursor Agent is permitted to modify automatically. Under specific conditions, the agent could be prompted, either directly by the user or via maliciously crafted context, to automatically write to files outside of the opened workspace. This behavior required deliberate prompting, making successful exploitation highly impractical in real-world scenarios. Furthermore, the edited file was still displayed in the UI as usual for user review, making it unlikely for the edit to go unnoticed by the user. This vulnerability is fixed in 0.48.7."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-32018"},{"type":"source","label":"https://github.com/getcursor/cursor/security/advisories/GHSA-qjh8-mh96-fc86","url":"https://github.com/getcursor/cursor/security/advisories/GHSA-qjh8-mh96-fc86"}],"description":{"lang":"eng","value":"CVE-2025-32018 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-22","description":"CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","lang":"en"}]},"reported_date":"2025-04-08"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["ageerle"],"deployer":["ageerle"],"artifacts":[{"type":"System","name":"ruoyi-ai"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-285, CWE-266: A vulnerability classified as critical has been found in ageerle ruoyi-ai up to 2.0.0. Affected is an unknown function of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysNoticeController.java. The manipulation leads to improper authorization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.1 is able to address this issue. The name of the patch is 6382e177bf90cc56ff70521842409e35c50df32d. It is recommended to upgrade the affected component."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3202"},{"type":"source","label":"https://vuldb.com/?id.303156","url":"https://vuldb.com/?id.303156"},{"type":"source","label":"https://vuldb.com/?ctiid.303156","url":"https://vuldb.com/?ctiid.303156"},{"type":"source","label":"https://vuldb.com/?submit.545866","url":"https://vuldb.com/?submit.545866"},{"type":"source","label":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_02.md","url":"https://github.com/Tr0e/CVE_Hunter/blob/main/ruoyi-ai/ruoyi-ai_UnauthorizedAccess_02.md"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/issues/44#issue-2957771318","url":"https://github.com/ageerle/ruoyi-ai/issues/44#issue-2957771318"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/commit/6382e177bf90cc56ff70521842409e35c50df32d","url":"https://github.com/ageerle/ruoyi-ai/commit/6382e177bf90cc56ff70521842409e35c50df32d"},{"type":"source","label":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.1","url":"https://github.com/ageerle/ruoyi-ai/releases/tag/v2.0.1"}],"description":{"lang":"eng","value":"CVE-2025-3202 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","baseScore":7.3,"baseSeverity":"HIGH"},"cwe":[{"cweId":"CWE-285","description":"Improper Authorization","lang":"en"},{"cweId":"CWE-266","description":"Incorrect Privilege Assignment","lang":"en"}]},"reported_date":"2025-04-04"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["bentoml"],"deployer":["bentoml"],"artifacts":[{"type":"System","name":"BentoML"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-502: BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.8, there was an insecure deserialization in BentoML's runner server. By setting specific headers and parameters in the POST request, it is possible to execute any unauthorized arbitrary code on the server, which will grant the attackers to have the initial access and information disclosure on the server. This vulnerability is fixed in 1.4.8."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-32375"},{"type":"source","label":"https://github.com/bentoml/BentoML/security/advisories/GHSA-7v4r-c989-xh26","url":"https://github.com/bentoml/BentoML/security/advisories/GHSA-7v4r-c989-xh26"}],"description":{"lang":"eng","value":"CVE-2025-32375 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-502","description":"CWE-502: Deserialization of Untrusted Data","lang":"en"}]},"reported_date":"2025-04-09"} -{"data_type":"AVID","data_version":"0.2","affects":{"developer":["langflow-ai"],"deployer":["langflow-ai"],"artifacts":[{"type":"System","name":"langflow"}]},"problemtype":{"classof":"CVE Entry","type":"Advisory","description":{"lang":"eng","value":"CWE-306: Langflow versions prior to 1.3.0 are susceptible to code injection in \nthe /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary\ncode."}},"references":[{"type":"source","label":"NVD entry","url":"https://www.cve.org/CVERecord?id=CVE-2025-3248"},{"type":"source","label":"https://github.com/langflow-ai/langflow/pull/6911","url":"https://github.com/langflow-ai/langflow/pull/6911"},{"type":"source","label":"https://github.com/langflow-ai/langflow/releases/tag/1.3.0","url":"https://github.com/langflow-ai/langflow/releases/tag/1.3.0"},{"type":"source","label":"https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/","url":"https://www.horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/"},{"type":"source","label":"https://www.vulncheck.com/advisories/langflow-unauthenticated-rce","url":"https://www.vulncheck.com/advisories/langflow-unauthenticated-rce"}],"description":{"lang":"eng","value":"CVE-2025-3248 Detail"},"impact":{"avid":{"risk_domain":["Security"],"sep_view":["S0100: Software Vulnerability"],"lifecycle_view":["L06: Deployment"],"taxonomy_version":"0.2"},"cvss":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"cwe":[{"cweId":"CWE-306","description":"CWE-306 Missing Authentication for Critical Function","lang":"en"}]},"reported_date":"2025-04-07"} From 7e3ae518b6b59b0feb87f2e3c351fc6cf6496d22 Mon Sep 17 00:00:00 2001 From: shubhobm Date: Sat, 6 Dec 2025 16:52:20 +0530 Subject: [PATCH 4/7] only reports --- scripts/mileva.py | 50 ++++++++++++++++++++++------------------------- 1 file changed, 23 insertions(+), 27 deletions(-) diff --git a/scripts/mileva.py b/scripts/mileva.py index 6076377..9a81856 100644 --- a/scripts/mileva.py +++ b/scripts/mileva.py @@ -498,9 +498,9 @@ def save_vulnerabilities_to_jsonl( async def process_single_cve( session: aiohttp.ClientSession, cve_id: str, index: int, total: int -) -> tuple[Optional[Vulnerability], Optional[Report]]: +) -> Optional[Report]: """ - Process a single CVE: fetch details and create Vulnerability/Report objects. + Process a single CVE: fetch details and create Report object. Args: session: aiohttp ClientSession @@ -509,7 +509,7 @@ async def process_single_cve( total: Total number of CVEs Returns: - Tuple of (Vulnerability, Report) or (None, None) if failed + Report object or None if failed """ print(f"Processing {index}/{total}: {cve_id}") @@ -517,21 +517,20 @@ async def process_single_cve( if cve_details: try: - vulnerability = create_vulnerability_from_cve(cve_details) report = create_report_from_cve(cve_details) - print(f"✓ Successfully created objects for {cve_id}") - return vulnerability, report + print(f"✓ Successfully created Report for {cve_id}") + return report except Exception as e: - print(f"✗ Error creating objects for {cve_id}: {e}") - return None, None + print(f"✗ Error creating Report for {cve_id}: {e}") + return None else: print(f"✗ Failed to fetch details for {cve_id}") - return None, None + return None async def process_cves_async( cve_list: List[str], max_concurrent: int = 10 -) -> tuple[List[Vulnerability], List[Report]]: +) -> List[Report]: """ Process multiple CVEs concurrently using async/await. @@ -540,9 +539,8 @@ async def process_cves_async( max_concurrent: Maximum number of concurrent requests Returns: - Tuple of (vulnerabilities list, reports list) + List of Report objects """ - vulnerabilities = [] reports = [] connector = aiohttp.TCPConnector(limit=max_concurrent) @@ -558,12 +556,10 @@ async def process_cves_async( # Collect successful results for result in results: - if isinstance(result, tuple) and result[0] is not None: - vuln, report = result - vulnerabilities.append(vuln) - reports.append(report) + if isinstance(result, Report): + reports.append(result) - return vulnerabilities, reports + return reports def save_reports_to_jsonl(reports: List[Report], output_path: str): @@ -621,35 +617,35 @@ def main(): print("-" * 80) print() - # Step 3 & 4: Scrape CVE details and create objects (async) + # Step 3 & 4: Scrape CVE details and create Report objects (async) cve_list = sorted(all_cve_ids) print(f"Processing {len(cve_list)} CVEs with concurrent requests...") print() - vulnerabilities, reports = asyncio.run(process_cves_async(cve_list, max_concurrent=10)) + reports = asyncio.run( + process_cves_async(cve_list, max_concurrent=10) + ) print("-" * 80) print() - # Step 4: Save to JSONL files - if vulnerabilities and reports: + # Step 4: Save to JSONL file + if reports: print("Saving outputs...") - save_vulnerabilities_to_jsonl(vulnerabilities, "mileva_cves.jsonl") save_reports_to_jsonl(reports, "mileva_reports.jsonl") print() print("=" * 80) print( - f"Complete! Successfully processed {len(vulnerabilities)} out of " - f"{len(cve_list)} CVEs into Vulnerability and Report objects" + f"Complete! Successfully processed {len(reports)} out of " + f"{len(cve_list)} CVEs into Report objects" ) - print("Output files:") - print(" - mileva_cves.jsonl (Vulnerability objects)") + print("Output file:") print(" - mileva_reports.jsonl (Report objects)") print("=" * 80) else: - print("No objects were successfully created.") + print("No Reports were successfully created.") if __name__ == "__main__": From ecab70fde8b84fbe960cc49ec04ea78379068b5e Mon Sep 17 00:00:00 2001 From: shubhobm Date: Sat, 6 Dec 2025 17:46:44 +0530 Subject: [PATCH 5/7] // --- scripts/mileva.py | 42 +++++++++++++++++++++++++++++++++++------- 1 file changed, 35 insertions(+), 7 deletions(-) diff --git a/scripts/mileva.py b/scripts/mileva.py index 9a81856..de29818 100644 --- a/scripts/mileva.py +++ b/scripts/mileva.py @@ -15,11 +15,12 @@ - nvdlib: For fetching CVE data from NVD (already in dependencies) """ +import argparse import asyncio import re import sys import time -from datetime import date +from datetime import date, datetime, timezone from pathlib import Path from typing import List, Optional, Set @@ -582,8 +583,12 @@ def save_reports_to_jsonl(reports: List[Report], output_path: str): print(f"Saved {len(reports)} reports to {output_path}") -def main(): - """Main execution function.""" +def main(output_dir: Optional[Path] = None): + """Main execution function. + + Args: + output_dir: Directory to save output file. Defaults to script directory. + """ print("="*80) print("CVE Scraper - Milev.ai to AVID Vulnerability Converter") print("="*80) @@ -630,10 +635,21 @@ def main(): print("-" * 80) print() - # Step 4: Save to JSONL file + # Step 4: Save to JSONL file in avid-db/reports/review/ if reports: print("Saving outputs...") - save_reports_to_jsonl(reports, "mileva_reports.jsonl") + + # Generate timestamped filename + utc_timestamp = datetime.now(timezone.utc).strftime("%Y%m%d_%H%M%S") + filename = f"cve_digest_{utc_timestamp}.jsonl" + + # Determine output path (relative to this script's location) + script_dir = Path(__file__).parent + avid_db_path = script_dir.parent.parent / "avid-db" + review_path = avid_db_path / "reports" / "review" + output_path = review_path / filename + + save_reports_to_jsonl(reports, str(output_path)) print() print("=" * 80) @@ -642,11 +658,23 @@ def main(): f"{len(cve_list)} CVEs into Report objects" ) print("Output file:") - print(" - mileva_reports.jsonl (Report objects)") + print(f" - {output_path}") print("=" * 80) else: print("No Reports were successfully created.") if __name__ == "__main__": - main() + parser = argparse.ArgumentParser( + description="Scrape CVE data from Milev.ai and convert to AVID Reports" + ) + parser.add_argument( + "--output-dir", + type=Path, + default=None, + help="Output directory for JSONL file (default: script directory)" + ) + + args = parser.parse_args() + + main(output_dir=args.output_dir) From 8b631c77b40de070d1480808ef5457b032604de3 Mon Sep 17 00:00:00 2001 From: Subho Majumdar Date: Sun, 7 Dec 2025 12:24:27 +0530 Subject: [PATCH 6/7] Update scripts/mileva.py Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- scripts/mileva.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/mileva.py b/scripts/mileva.py index de29818..261036c 100644 --- a/scripts/mileva.py +++ b/scripts/mileva.py @@ -12,7 +12,7 @@ Dependencies: - beautifulsoup4: For HTML parsing - requests: For HTTP requests - - nvdlib: For fetching CVE data from NVD (already in dependencies) + - aiohttp: For asynchronous HTTP requests to the MITRE CVE API """ import argparse From b80b2a71e1100693e89adc677bf0214b6833645a Mon Sep 17 00:00:00 2001 From: Subho Majumdar Date: Sun, 7 Dec 2025 12:25:08 +0530 Subject: [PATCH 7/7] Update scripts/mileva.py Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- scripts/mileva.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/mileva.py b/scripts/mileva.py index 261036c..4e38b67 100644 --- a/scripts/mileva.py +++ b/scripts/mileva.py @@ -1,12 +1,12 @@ """ Script to scrape CVE information from Milev.ai and NVD. -This script structures CVE data into AVID Vulnerability objects. +This script structures CVE data into AVID Report objects. This script: 1. Scrapes unique CVE IDs from Milev.ai research digest pages 2. Fetches detailed CVE information from NVD -3. Structures the data into AVID Vulnerability objects +3. Structures the data into AVID Report objects 4. Saves all vulnerabilities to a JSONL file Dependencies: