CVE-2024-52787 | libre-chat 0.0.6 upload_documents filename path traversal (ID 10)

Inserito da Angelo Barbosa | Nov 25, 2024 | CVE

A vulnerability was found in libre-chat 0.0.6. It has been classified as critical. This affects the function upload_documents. The manipulation of the argument filename leads to path traversal.

This vulnerability is uniquely identified as CVE-2024-52787. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-52787 | libre-chat 0.0.6 upload_documents filename path traversal (ID 10)

Post correlati

CVE-2024-26620 | Linux Kernel up to 6.1.75/6.6.14/6.7.2 vfio-ap vfio_ap_mdev_filter_matrix Privilege Escalation

CVE-2024-36994 | Splunk Enterprise/Cloud Platform Web Bulletin Message cross site scripting (SVD-2024-0714)

CVE-2024-31469 | Aruba InstantOS/ArubaOS PAPI buffer overflow (ARUBA-PSA-2024-006)

CVE-2023-6704 | Google Chrome prior 120.0.6099.109 libavif use after free