Gaizhenbiao Chuanhuchatgpt
32 CVEs affecting Gaizhenbiao Chuanhuchatgpt. Latest disclosed: 2025-03-20. Critical: 6, High: 13.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-5982 | Critical | 9.8 | 2024-10-29 | A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability arises from unsanitized input handling in multiple… |
CVE-2024-5822 | Critical | 9.8 | 2024-06-27 | A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of gaizhenbiao/ChuanhuChatGPT versions <= ChuanhuChatGPT-20240410-… |
CVE-2024-3234 | Critical | 9.8 | 2024-06-06 | The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The application is designed… |
CVE-2024-5823 | Critical | 9.1 | 2024-10-29 | A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions <= 20240410. This vulnerability allows an attacker to gain unauthorized access to… |
CVE-2024-6037 | Critical | 9.1 | 2024-07-10 | A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the server, including the root… |
CVE-2024-6036 | Critical | 9.1 | 2024-07-10 | A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to restart the server at will by sending a specific request to the `/queue/join?… |
CVE-2024-8613 | High | 8.8 | 2025-03-20 | A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240802 allows attackers to access, copy, and delete other users' chat histories. This issue arises due… |
CVE-2024-6255 | High | 8.2 | 2024-07-31 | A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the server, including criti… |
CVE-2024-9216 | High | 8.1 | 2025-03-20 | An authentication bypass vulnerability exists in gaizhenbiao/ChuanhuChatGPT, as of commit 3856d4f, allowing any user to read and delete other users' chat histo… |
CVE-2024-10650 | High | 7.5 | 2025-03-20 | An unauthenticated Denial of Service (DoS) vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by sending large data payl… |
CVE-2024-7962 | High | 7.5 | 2024-10-29 | An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading prompt template files. A… |
CVE-2024-7807 | High | 7.5 | 2024-10-29 | A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service (DOS) attack. When uploading a file, if an attacker appends a lar… |
CVE-2024-6090 | High | 7.5 | 2024-06-27 | A path traversal vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410, allowing any user to delete other users' chat histories. This vulnerabili… |
CVE-2024-6038 | High | 7.5 | 2024-06-27 | A Regular Expression Denial of Service (ReDoS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability is located in the fi… |
CVE-2024-5124 | High | 7.5 | 2024-06-06 | A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically within the password comparison logic. The vulnerability is pres… |
CVE-2024-4520 | High | 7.5 | 2024-06-04 | An improper access control vulnerability exists in the gaizhenbiao/chuanhuchatgpt application, specifically in version 20240410. This vulnerability allows any… |
CVE-2024-4321 | High | 7.5 | 2024-05-16 | A Local File Inclusion (LFI) vulnerability exists in the gaizhenbiao/chuanhuchatgpt application, specifically within the functionality for uploading chat histo… |
CVE-2024-2217 | High | 7.5 | 2024-04-10 | gaizhenbiao/chuanhuchatgpt is vulnerable to improper access control, allowing unauthorized access to the `config.json` file. This vulnerability is present in b… |
CVE-2023-34094 | High | 7.5 | 2023-06-02 | ChuanhuChatGPT is a graphical user interface for ChatGPT and many large language models. A vulnerability in versions 20230526 and prior allows unauthorized acc… |
CVE-2025-0191 | Medium | 6.5 | 2025-03-20 | A Denial of Service (DoS) vulnerability exists in the file upload feature of gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability is due to improper… |