Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Authorization in lunary-ai/lunary
Vulnerability Description
A vulnerability in lunary-ai/lunary, as of commit be54057, allows users to upload and execute arbitrary regular expressions on the server side. This can lead to a Denial of Service (DoS) condition, as certain regular expressions can cause excessive resource consumption, blocking the server from processing other requests.
CVSS Information
N/A
Vulnerability Type
CWE-1333
Vulnerability Title
Lunary 授权问题漏洞
Vulnerability Description
Lunary是Lunary开源的一个 LLM 的生产工具包。 Lunary be54057版本存在授权问题漏洞,该漏洞源于允许用户上传和执行任意正则表达式,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A