Privategpt Security Vulnerabilities and Issues — Privategpt CVE List

Lucene search

PribaiPrivategpt

3 matches found

CVE•added 2024/05/16 9:15 a.m.•53 views

CVE-2024-3403

imartinez/privategpt version 0.2.0 is vulnerable to a local file inclusion vulnerability that allows attackers to read arbitrary files from the filesystem. By manipulating file upload functionality to ingest arbitrary local files, attackers can exploit the 'Search in Docs' feature or query the AI t...

7.5CVSS7.4AI score0.01337EPSS

CVE•added 2025/03/20 10:15 a.m.•35 views

CVE-2024-8018

A vulnerability in imartinez/privategpt version 0.5.0 allows for a Denial of Service (DOS) attack. When uploading a file, if an attacker appends a large number of characters to the end of a multipart boundary, the system will continuously process these characters, rendering privateGPT inaccessible....

7.5CVSS7.5AI score0.00134EPSS

CVE•added 2025/03/20 10:15 a.m.•33 views

CVE-2024-12063

A Denial of Service (DoS) vulnerability exists in the file upload feature of imartinez/privategpt version v0.6.2. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. An attacker can exploit this by sending a payload with an excessively large ...

7.5CVSS7.5AI score0.00276EPSS