CVE-2024-13059 | mintplex-labs anything-llm up to 1.3.0 Non-ASCII Filename path traversal

Inserito da Angelo Barbosa | Feb 10, 2025 | CVE

A vulnerability has been found in mintplex-labs anything-llm up to 1.3.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Non-ASCII Filename Handler. The manipulation leads to path traversal: ‘..filename’.

This vulnerability is known as CVE-2024-13059. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-13059 | mintplex-labs anything-llm up to 1.3.0 Non-ASCII Filename path traversal

Post correlati

CVE-2024-50557 | Siemens RUGGEDCOM RM1224 LTE(4G) EU up to 8.1 iperf input validation (ssa-354112)

CVE-2023-42883 | Apple Safari Image denial of service

CVE-2024-5973 | MasterStudy LMS Plugin up to 3.3.23 on WordPress privileges management

CVE-2024-13471 | designthemes DesignThemes Core Features Plugin up to 4.7 on WordPress dt_process_imported_file path traversal