Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Redos (Regular Expression Denial of Service) in lunary-ai/lunary
Vulnerability Description
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary application, version 1.2.10. An attacker can exploit this vulnerability by maliciously manipulating regular expressions, which can significantly impact the response time of the application and potentially render it completely non-functional. Specifically, the vulnerability can be triggered by sending a specially crafted request to the application, leading to a denial of service where the application crashes.
CVSS Information
N/A
Vulnerability Type
CWE-1333
Vulnerability Title
Lunary 资源管理错误漏洞
Vulnerability Description
Lunary是lunary开源的一个 LLM 的生产工具包。 Lunary 1.2.10版本存在资源管理错误漏洞,该漏洞源于存在正则表达式拒绝服务(ReDoS)漏洞,攻击者利用此漏洞可以导致拒绝服务并导致应用程序崩溃。
CVSS Information
N/A
Vulnerability Type
N/A