exploitDog

GHSA-4523-grj5-wxfg

Опубликовано: 22 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Incorrect access control in the /api/v1/conversations/*/files API of GT Edge AI Platform before v2.0.10 allows unauthorized attackers to access other users' uploaded files.

Incorrect access control in the /api/v1/conversations/*/files API of GT Edge AI Platform before v2.0.10 allows unauthorized attackers to access other users' uploaded files.

Ссылки

EPSS

Процентиль: 14%

0.00045

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2025-63663

CVSS3: 7.5

nvd

около 2 месяцев назад

Incorrect access control in the /api/v1/conversations/*/files API of GT Edge AI Platform before v2.0.10 allows unauthorized attackers to access other users' uploaded files.

EPSS

Процентиль: 14%

0.00045

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284