A Cross-Site Request Forgery (CSRF) vulnerability in version 0.5.0 of imartinez/privategpt allows an attacker to delete all uploaded files on the server. This can lead to data loss and service disruption for the application's users.
Metrics
Affected Vendors & Products
References
History
Mon, 19 Aug 2024 21:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Zylon
Zylon privategpt |
|
CPEs | cpe:2.3:a:zylon:privategpt:0.5.0:*:*:*:*:*:*:* | |
Vendors & Products |
Zylon
Zylon privategpt |
|
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: @huntr_ai
Published: 2024-06-27T18:45:51.085Z
Updated: 2024-08-01T21:25:03.181Z
Reserved: 2024-06-12T20:12:37.534Z
Link: CVE-2024-5935
Vulnrichment
Updated: 2024-08-01T21:25:03.181Z
NVD
Status : Modified
Published: 2024-06-27T19:15:18.073
Modified: 2024-11-21T09:48:36.403
Link: CVE-2024-5935
Redhat
No data.