Lucene search
HistoryJun 27, 2024 - 7:15 p.m.
CVE-2024-5935
cve-2024-5935
cross-site request forgery
data loss
service disruption
file deletion
security vulnerability
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
0.0004 Low
EPSS
Percentile
9.1%
A Cross-Site Request Forgery (CSRF) vulnerability in version 0.5.0 of imartinez/privategpt allows an attacker to delete all uploaded files on the server. This can lead to data loss and service disruption for the applicationβs users.
Related
vulnrichment
vulnrichment
CVE-2024-5935 CSRF Vulnerability in imartinez/privategpt
2024-06-27 18:45:51
cvelist
cvelist
CVE-2024-5935 CSRF Vulnerability in imartinez/privategpt
2024-06-27 18:45:51
cve
cve
CVE-2024-5935
2024-06-27 19:15:18
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
0.0004 Low
EPSS
Percentile
9.1%
Related for NVD:CVE-2024-5935