These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
Dify versions 1.14.1 and prior contain an authorization bypass vulnerability in the file preview endpoint (`/console/api/files/{file_id}/preview`). An authenticated attacker can read up to 3,000 characters of any uploaded document across all tenants and workspaces by supplying only the file's UUID, without ownership or workspace permission verification. The vulnerability is rated HIGH severity (CVSS 4.0 s [truncated]
A critical path traversal vulnerability in Dify (versions ≤1.14.1) allows authenticated attackers to escape tenant isolation boundaries and access the Plugin Daemon's internal REST API. The flaw stems from insufficient URL path sanitization, enabling traversal via unencoded dot sequences in task identifiers or manipulated filename parameters. Attackers with knowledge of a victim tenant's UUID can reach in [truncated]
A critical authorization bypass vulnerability in Dify (versions 1.14.1 and prior) allows authenticated editor users to manipulate trace configurations for applications outside their tenant scope. The flaw stems from missing tenant ownership validation in trace configuration endpoints, enabling attackers to redirect messages and responses from victim applications to attacker-controlled LLM trace providers. [truncated]