3 matches found
CVE-2025-25185
CVE-2025-25185: GPT Academic exposes a back-linking vulnerability in 3.91 and earlier where soft links are not properly handled during tar.gz extraction. An attacker can create a malicious file as a soft link to a target server file, package it in a tar.gz, upload it, and on decompression the sof...
CVE-2023-33979
The CVE-2023-33979 issue affects gpt_academic (3.37 and earlier), where improper handling of the Configuration File Handler allows manipulation of the file argument resulting in information disclosure. Read access via the /file route can leak sensitive information from working directories, partic...
CVE-2024-11039
CVE-2024-11039 affects binary-husky/gpt_academic