Privategpt Security Vulnerabilities and Issues — Privategpt CVE List

Lucene search

PribaiPrivategpt

3 matches found

CVE•added 2024/06/06 7:16 p.m.•53 views

CVE-2024-5186

A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez/privategpt version 0.5.0. This vulnerability allows attackers to send crafted requests that could result in unauthorized access to the local network and potentially sensitive information. Specifically,...

8.3CVSS7.9AI score0.00082EPSS

CVE•added 2024/06/27 7:15 p.m.•39 views

CVE-2024-5936

An open redirect vulnerability exists in imartinez/privategpt version 0.5.0 due to improper handling of the 'file' parameter. This vulnerability allows attackers to redirect users to a URL specified by user-controlled input without proper validation or sanitization. The impact of this vulnerability...

6.1CVSS4.5AI score0.00636EPSS

CVE•added 2024/06/27 7:15 p.m.•37 views

CVE-2024-5935

A Cross-Site Request Forgery (CSRF) vulnerability in version 0.5.0 of imartinez/privategpt allows an attacker to delete all uploaded files on the server. This can lead to data loss and service disruption for the application's users.

5.4CVSS6AI score0.00046EPSS