A vulnerability in lunary-ai/lunary, as of commit be54057, allows users to upload and execute arbitrary regular expressions on the server side. This can lead to a Denial of Service (DoS) condition, as certain regular expressions can cause excessive resource consumption, blocking the server from processing other requests.
References
Link | Resource |
---|---|
https://github.com/lunary-ai/lunary/commit/7ff89b0304d191534b924cf063f3648206d497fa | Patch |
https://huntr.com/bounties/088c04a1-d23a-47f2-9d7c-b84d7332868d | Exploit Third Party Advisory |
Configurations
History
02 Jul 2025, 19:50
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:lunary:lunary:*:*:*:*:*:*:*:* | |
First Time |
Lunary
Lunary lunary |
|
References | () https://github.com/lunary-ai/lunary/commit/7ff89b0304d191534b924cf063f3648206d497fa - Patch | |
References | () https://huntr.com/bounties/088c04a1-d23a-47f2-9d7c-b84d7332868d - Exploit, Third Party Advisory | |
Summary |
|
20 Mar 2025, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-03-20 10:15
Updated : 2025-07-02 19:50
NVD link : CVE-2024-8764
Mitre link : CVE-2024-8764
CVE.ORG link : CVE-2024-8764
JSON object : View
Products Affected
lunary
- lunary
CWE
CWE-285
Improper Authorization