VYPR
Unrated severityNVD Advisory· Published Jun 27, 2024· Updated Aug 1, 2024

Email Validation Bypass in lunary-ai/lunary

CVE-2024-5755

Description

In lunary-ai/lunary versions <=v1.2.11, an attacker can bypass email validation by using a dot character ('.') in the email address. This allows the creation of multiple accounts with essentially the same email address (e.g., 'attacker123@gmail.com' and 'attacker.123@gmail.com'), leading to incorrect synchronization and potential security issues.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Lunary AI/Lunaryllm-fuzzy2 versions
    <=v1.2.11+ 1 more
    • (no CPE)range: <=v1.2.11
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.