CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-5935

A Cross-Site Request Forgery (CSRF) vulnerability in version 0.5.0 of imartinez/privategpt allows an attacker to delete all uploaded files on the server. This can lead to data loss and service disruption for the application's users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.1%

CVSS Severity

CVSS v3 Score 5.4

References

https://huntr.com/bounties/b374f1c9-fa25-4b52-a34d-5153afd5a295
https://huntr.com/bounties/b374f1c9-fa25-4b52-a34d-5153afd5a295

Products affected by CVE-2024-5935

Pribai » Privategpt » Version: 0.5.0

cpe:2.3:a:pribai:privategpt:0.5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-5935

Products

Pricing

Contact Us