Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/12 9:22 p.m.8 views

CVE-2025-4515

A vulnerability, which was classified as problematic, was found in Zylon PrivateGPT up to 0.6.2. This affects an unknown part of the file settings.yaml. The manipulation of the argument alloworigins leads to permissive cross-domain policy with untrusted domains. It is possible to initiate the...

6.5CVSS6.7AI score0.00293EPSS
Exploits1References1
Circl
Circl
added 2025/05/10 9:27 p.m.26 views

CVE-2025-4515

creationtimestamp| type| source ---|---|--- 2025-05-10 21:27:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15911 2025-05-10 21:44:10+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lotuub3y3gt2 2025-05-11...

6.5CVSS4.5AI score0.00293EPSS
Exploits1References3
NVD
NVD
added 2025/05/10 9:15 p.m.21 views

CVE-2025-4515

A vulnerability, which was classified as problematic, was found in Zylon PrivateGPT up to 0.6.2. This affects an unknown part of the file settings.yaml. The manipulation of the argument alloworigins leads to permissive cross-domain policy with untrusted domains. It is possible to initiate the...

6.5CVSS0.00293EPSS
Exploits1References4
CVE
CVE
added 2025/05/10 8:31 p.m.61 views

CVE-2025-4515

CVE-2025-4515 affects Zylon PrivateGPT up to 0.6.2. The issue resides in an unknown part of settings.yaml where manipulating the allow_origins parameter yields a permissive cross-domain policy with untrusted domains, enabling remote initiation of an attack. Public disclosure exists. Practical imp...

6.5CVSS4.7AI score0.00293EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/10 8:31 p.m.6 views

CVE-2025-4515 Zylon PrivateGPT settings.yaml cross-domain policy

A vulnerability, which was classified as problematic, was found in Zylon PrivateGPT up to 0.6.2. This affects an unknown part of the file settings.yaml. The manipulation of the argument alloworigins leads to permissive cross-domain policy with untrusted domains. It is possible to initiate the...

5.3CVSS4.6AI score0.00293EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/05/10 8:31 p.m.26 views

CVE-2025-4515 Zylon PrivateGPT settings.yaml cross-domain policy

A vulnerability, which was classified as problematic, was found in Zylon PrivateGPT up to 0.6.2. This affects an unknown part of the file settings.yaml. The manipulation of the argument alloworigins leads to permissive cross-domain policy with untrusted domains. It is possible to initiate the...

5.3CVSS0.00293EPSS
Exploits1References4
OSV
OSV
added 2025/05/10 8:31 p.m.3 views

CVE-2025-4515 Zylon PrivateGPT settings.yaml cross-domain policy

A vulnerability, which was classified as problematic, was found in Zylon PrivateGPT up to 0.6.2. This affects an unknown part of the file settings.yaml. The manipulation of the argument alloworigins leads to permissive cross-domain policy with untrusted domains. It is possible to initiate the...

5.3CVSS5.1AI score0.00293EPSS
Exploits1References6
Rows per page
Query Builder