3 matches found
CVE-2024-3403
imartinez/privategpt version 0.2.0 is vulnerable to a local file inclusion vulnerability that allows attackers to read arbitrary files from the filesystem. By manipulating file upload functionality to ingest arbitrary local files, attackers can exploit the 'Search in Docs' feature or query the AI...
CVE-2024-3403
CVE-2024-3403 affects imartinez/privategpt v0.2.0 with a local file inclusion weakness that enables reading arbitrary files via manipulated file upload, exposing files through the app’s “Search in Docs” feature or AI queries. Impact notes in sources include potential remote code execution by expo...
PT-2024-25655 · Unknown · Imartinez/Privategpt
Name of the Vulnerable Software and Affected Versions: imartinez/privategpt version 0.2.0 Description: The issue allows attackers to read arbitrary files from the filesystem by exploiting a local file inclusion vulnerability. This can be achieved by manipulating file upload functionality to inges...