CVE-2024-52787 | libre-chat 0.0.6 upload_documents filename path traversal (ID 10)

Inserito da Angelo Barbosa | Nov 25, 2024 | CVE

A vulnerability was found in libre-chat 0.0.6. It has been classified as critical. This affects the function upload_documents. The manipulation of the argument filename leads to path traversal.

This vulnerability is uniquely identified as CVE-2024-52787. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-52787 | libre-chat 0.0.6 upload_documents filename path traversal (ID 10)

Post correlati

CVE-2024-22905 | ARM Mbed OS 6.17.0 hciTrSerialRxIncoming buffer overflow

CVE-2023-50244 | LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623 Realtek rtl819x Jungle SDK formIpQoS entry_name stack-based overflow (TALOS-2023-1895)

CVE-2024-25180 | pdfmake 0.2.9 HTTP POST Request /pdf Privilege Escalation

CVE-2024-4079 | NI LabVIEW up to 24.1 VI out-of-bounds