PrivateGPT 安全漏洞

PrivateGPT is an AI project open-sourced by Zylon. A security vulnerability exists in PrivateGPT version 0.6.2 and earlier, which stems from improper cross-domain policy due to misuse of the parameter alloworigins in the file settings.yaml...

PrivateGPT 资源管理错误漏洞

PrivateGPT is an AI project open-sourced by Zylon. A resource management error vulnerability exists in PrivateGPT version 0.5.0, which stems from improper handling of multi-part boundaries when uploading a file, which could lead to a denial of service...

PrivateGPT 资源管理错误漏洞

PrivateGPT is an AI project open-sourced by Zylon. A resource management error vulnerability exists in PrivateGPT v0.6.2, which stems from improper handling of form-data in a file upload request and could lead to a denial of service attack...

PrivateGPT 操作系统命令注入漏洞

PrivateGPT is an AI project open-sourced by Zylon. An operating system command injection vulnerability exists in PrivateGPT version 0.3.0 and earlier, which stems from the presence of a Python command injection vulnerability that could allow an attacker to execute arbitrary commands on the system...

PrivateGPT Input Validation Error Vulnerability

PrivateGPT is an AI project. An input validation error vulnerability exists in PrivateGPT version 0.5.0 that stems from mishandling of the file parameter, allowing an attacker to redirect a user to a URL specified by user-controlled input without proper validation or cleanup...

PrivateGPT Security Vulnerabilities

PrivateGPT is an AI project. A security vulnerability exists in PrivateGPT that stems from improper file upload validation, which can be exploited by an attacker to execute arbitrary JavaScript code in the context of a user's browser session by uploading a malicious HTML file...