exploitDog

GHSA-jm4g-r2mq-5rp7

Опубликовано: 22 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Incorrect access control in the /api/v1/conversations/*/messages API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access other users' message history with AI agents.

Incorrect access control in the /api/v1/conversations/*/messages API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access other users' message history with AI agents.

Ссылки

EPSS

Процентиль: 14%

0.00045

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2025-63664

CVSS3: 7.5

nvd

около 2 месяцев назад

Incorrect access control in the /api/v1/conversations/*/messages API of GT Edge AI Platform before v2.0.10-dev allows unauthorized attackers to access other users' message history with AI agents.

EPSS

Процентиль: 14%

0.00045

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284