Pribai Privategpt

10 CVEs affecting Pribai Privategpt. Latest disclosed: 2025-05-10. Critical: 1, High: 4.

Top CVEs affecting Pribai Privategpt
CVESeverityScorePublishedSummary
CVE-2024-4343Critical9.82024-11-14A Python command injection vulnerability exists in the `SagemakerLLM` class's `complete()` method within `./private_gpt/components/llm/custom/sagemaker.py` of…
CVE-2024-8018High7.52025-03-20A vulnerability in imartinez/privategpt version 0.5.0 allows for a Denial of Service (DOS) attack. When uploading a file, if an attacker appends a large number…
CVE-2024-12063High7.52025-03-20A Denial of Service (DoS) vulnerability exists in the file upload feature of imartinez/privategpt version v0.6.2. The vulnerability is due to improper handling…
CVE-2024-3403High7.52024-05-16imartinez/privategpt version 0.2.0 is vulnerable to a local file inclusion vulnerability that allows attackers to read arbitrary files from the filesystem. By…
CVE-2024-5186High7.22024-06-06A Server-Side Request Forgery (SSRF) vulnerability exists in the file upload section of imartinez/privategpt version 0.5.0. This vulnerability allows attackers…
CVE-2024-8029Medium6.12025-03-20An XSS vulnerability was discovered in the upload file(s) process of imartinez/privategpt v0.5.0. Attackers can upload malicious SVG files, which execute JavaS…
CVE-2024-5936Medium6.12024-06-27An open redirect vulnerability exists in imartinez/privategpt version 0.5.0 due to improper handling of the 'file' parameter. This vulnerability allows attacke…
CVE-2024-5935Medium5.42024-06-27A Cross-Site Request Forgery (CSRF) vulnerability in version 0.5.0 of imartinez/privategpt allows an attacker to delete all uploaded files on the server. This…
CVE-2024-3851Medium5.42024-05-16A stored Cross-Site Scripting (XSS) vulnerability exists in the 'imartinez/privategpt' repository due to improper validation of file uploads. Attackers can exp…
CVE-2025-4515Medium4.32025-05-10A vulnerability, which was classified as problematic, was found in Zylon PrivateGPT up to 0.6.2. This affects an unknown part of the file settings.yaml. The ma…