CVE-2024-5827 | vanna-ai vanna up to 0.3.4 DuckDB unrestricted upload

Posted by Angelo Barbosa | Jun 28, 2024 | CVE

A vulnerability was found in vanna-ai vanna up to 0.3.4. It has been classified as very critical. Affected is an unknown function of the component DuckDB. The manipulation leads to unrestricted upload.

This vulnerability is traded as CVE-2024-5827. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-5827 | vanna-ai vanna up to 0.3.4 DuckDB unrestricted upload

Related Posts

CVE-2024-25086 | Mitsubishi Electric CPU Module Logging Configuration Tool privileges management (icsa-24-135-04)

CVE-2024-27414 | Linux Kernel up to 6.7.8 rtnetlink rtnl_bridge_setlink state issue

CVE-2024-33924 | Realtyna Organic IDX plugin up to 4.14.4 on WordPress cross site scripting

CVE-2024-6677 | Citrix uberAgent up to 7.2.0 privileges management (CTX691103)