CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-3404

In gaizhenbiao/chuanhuchatgpt, specifically the version tagged as 20240121, there exists a vulnerability due to improper access control mechanisms. This flaw allows an authenticated attacker to bypass intended access restrictions and read the `history` files of other users, potentially leading to unauthorized access to sensitive information. The vulnerability is present in the application's handling of access control for the `history` path, where no adequate mechanism is in place to prevent an authenticated user from accessing another user's chat history files. This issue poses a significant risk as it could allow attackers to obtain sensitive information from the chat history of other users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.3%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2024-3404

Gaizhenbiao » Chuanhuchatgpt » Version: N/A

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:-
Gaizhenbiao » Chuanhuchatgpt » Version: 20230303

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230303
Gaizhenbiao » Chuanhuchatgpt » Version: 20230305

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230305
Gaizhenbiao » Chuanhuchatgpt » Version: 20230307

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230307
Gaizhenbiao » Chuanhuchatgpt » Version: 20230310

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230310
Gaizhenbiao » Chuanhuchatgpt » Version: 20230314

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230314
Gaizhenbiao » Chuanhuchatgpt » Version: 20230317

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230317
Gaizhenbiao » Chuanhuchatgpt » Version: 20230320

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230320
Gaizhenbiao » Chuanhuchatgpt » Version: 20230323

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230323
Gaizhenbiao » Chuanhuchatgpt » Version: 20230327

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230327
Gaizhenbiao » Chuanhuchatgpt » Version: 20230330

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230330
Gaizhenbiao » Chuanhuchatgpt » Version: 20230405

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230405
Gaizhenbiao » Chuanhuchatgpt » Version: 20230409

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230409
Gaizhenbiao » Chuanhuchatgpt » Version: 20230413

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230413
Gaizhenbiao » Chuanhuchatgpt » Version: 20230417

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230417
Gaizhenbiao » Chuanhuchatgpt » Version: 20230422

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230422
Gaizhenbiao » Chuanhuchatgpt » Version: 20230427

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230427
Gaizhenbiao » Chuanhuchatgpt » Version: 20230502

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230502
Gaizhenbiao » Chuanhuchatgpt » Version: 20230507

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230507
Gaizhenbiao » Chuanhuchatgpt » Version: 20230513

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230513
Gaizhenbiao » Chuanhuchatgpt » Version: 20230520

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230520
Gaizhenbiao » Chuanhuchatgpt » Version: 20230526

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230526
Gaizhenbiao » Chuanhuchatgpt » Version: 20230601

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230601
Gaizhenbiao » Chuanhuchatgpt » Version: 20230614

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230614
Gaizhenbiao » Chuanhuchatgpt » Version: 20230619

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230619
Gaizhenbiao » Chuanhuchatgpt » Version: 20230628

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230628
Gaizhenbiao » Chuanhuchatgpt » Version: 20230709

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230709
Gaizhenbiao » Chuanhuchatgpt » Version: 20230719

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230719
Gaizhenbiao » Chuanhuchatgpt » Version: 20230728

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230728
Gaizhenbiao » Chuanhuchatgpt » Version: 20230809

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230809
Gaizhenbiao » Chuanhuchatgpt » Version: 20230820

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230820
Gaizhenbiao » Chuanhuchatgpt » Version: 20230830

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230830
Gaizhenbiao » Chuanhuchatgpt » Version: 20230911

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230911
Gaizhenbiao » Chuanhuchatgpt » Version: 20230916

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230916
Gaizhenbiao » Chuanhuchatgpt » Version: 20230926

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20230926
Gaizhenbiao » Chuanhuchatgpt » Version: 20231006

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20231006
Gaizhenbiao » Chuanhuchatgpt » Version: 20231020

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20231020
Gaizhenbiao » Chuanhuchatgpt » Version: 20231110

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20231110
Gaizhenbiao » Chuanhuchatgpt » Version: 20231215

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20231215
Gaizhenbiao » Chuanhuchatgpt » Version: 20231223

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20231223
Gaizhenbiao » Chuanhuchatgpt » Version: 20240121

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240121
Gaizhenbiao » Chuanhuchatgpt » Version: 20240305

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240305
Gaizhenbiao » Chuanhuchatgpt » Version: 20240310

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240310
Gaizhenbiao » Chuanhuchatgpt » Version: 20240410

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240410
Gaizhenbiao » Chuanhuchatgpt » Version: 20240628

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240628
Gaizhenbiao » Chuanhuchatgpt » Version: 20240802

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240802
Gaizhenbiao » Chuanhuchatgpt » Version: 20240914

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240914
Gaizhenbiao » Chuanhuchatgpt » Version: 20240918

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240918
Gaizhenbiao » Chuanhuchatgpt » Version: 20240919-2

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240919-2
Gaizhenbiao » Chuanhuchatgpt » Version: 20240919-3

cpe:2.3:a:gaizhenbiao:chuanhuchatgpt:20240919-3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-3404

Products

Pricing

Contact Us