漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Improper Authorization in lunary-ai/lunary
Vulnerability Description
A vulnerability in lunary-ai/lunary, as of commit be54057, allows users to upload and execute arbitrary regular expressions on the server side. This can lead to a Denial of Service (DoS) condition, as certain regular expressions can cause excessive resource consumption, blocking the server from processing other requests.
CVSS Information
N/A
Vulnerability Type
CWE-1333
Vulnerability Title
Lunary 授权问题漏洞
Vulnerability Description
Lunary是Lunary开源的一个 LLM 的生产工具包。 Lunary be54057版本存在授权问题漏洞,该漏洞源于允许用户上传和执行任意正则表达式,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A