Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Email Validation Bypass in lunary-ai/lunary
Vulnerability Description
In lunary-ai/lunary versions <=v1.2.11, an attacker can bypass email validation by using a dot character ('.') in the email address. This allows the creation of multiple accounts with essentially the same email address (e.g., 'attacker123@gmail.com' and 'attacker.123@gmail.com'), leading to incorrect synchronization and potential security issues.
CVSS Information
N/A
Vulnerability Type
不正确的同步机制
Vulnerability Title
Lunary 安全漏洞
Vulnerability Description
Lunary是lunary开源的一个 LLM 的生产工具包。 Lunary v1.2.11及之前版本存在安全漏洞,该漏洞源于允许创建具有基本相同电子邮件地址的多个帐户,从而导致同步不正确和潜在的安全问题。
CVSS Information
N/A
Vulnerability Type
N/A