漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Email Validation Bypass in lunary-ai/lunary
Vulnerability Description
In lunary-ai/lunary versions <=v1.2.11, an attacker can bypass email validation by using a dot character ('.') in the email address. This allows the creation of multiple accounts with essentially the same email address (e.g., 'attacker123@gmail.com' and 'attacker.123@gmail.com'), leading to incorrect synchronization and potential security issues.
CVSS Information
N/A
Vulnerability Type
不正确的同步机制
Vulnerability Title
Lunary 安全漏洞
Vulnerability Description
Lunary是lunary开源的一个 LLM 的生产工具包。 Lunary v1.2.11及之前版本存在安全漏洞,该漏洞源于允许创建具有基本相同电子邮件地址的多个帐户,从而导致同步不正确和潜在的安全问题。
CVSS Information
N/A
Vulnerability Type
N/A