CVE-2024-12063

High CVSS: 7.5

A Denial of Service (DoS) vulnerability exists in the file upload feature of imartinez/privategpt version v0.6.2. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. An attacker can exploit this by sending a payload with an excessively large filename, causing the server to become overwhelmed and unavailable to legitimate users.

Vendor

Pribai

Product

Privategpt

CWE

CWE-400

Yayın Tarihi

2025-03-20 10:15:26

Güncelleme

2025-07-17 16:02:22

Source Identifier

security@huntr.dev

KEV Date Added

Kategoriler

CWE-400 Privategpt HIGH Pribai 2025

Referanslar

https://huntr.com/bounties/7db0091f-cb53-4cde-aad7-7ce491dfd8d9

Benzer Kayıtlar

Medium

CVE-2025-4515

A vulnerability, which was classified as problematic, was found in Zylon PrivateGPT up to 0.6.2. This affects an unknown…

Medium

CVE-2024-8029

An XSS vulnerability was discovered in the upload file(s) process of imartinez/privategpt v0.5.0. Attackers can upload m…

High

CVE-2024-8018

A vulnerability in imartinez/privategpt version 0.5.0 allows for a Denial of Service (DOS) attack. When uploading a file…