Gaizhenbiao Chuanhuchatgpt — known CVE vulnerabilities
Every CVE whose affected-product data names Gaizhenbiao Chuanhuchatgpt, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (31)
CVE-2024-5822 — CVSS 9.8 (critical): A Server-Side Request Forgery (SSRF) vulnerability exists in the upload processing interface of gaizhenbiao/ChuanhuChatGPT versions <=…
CVE-2024-3234 — CVSS 9.8 (critical): The gaizhenbiao/chuanhuchatgpt application is vulnerable to a path traversal attack due to its use of an outdated gradio component. The…
CVE-2024-5982 — CVSS 9.8 (critical): A path traversal vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability arises from unsanitized input…
CVE-2024-6036 — CVSS 9.1 (critical): A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to restart the server at will by sending a specific request…
CVE-2024-5823 — CVSS 9.1 (critical): A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions <= 20240410. This vulnerability allows an attacker to gain…
CVE-2024-6037 — CVSS 9.1 (critical): A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows an attacker to create arbitrary folders at any location on the…
CVE-2024-8613 — CVSS 8.8 (high): A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240802 allows attackers to access, copy, and delete other users' chat histories…
CVE-2024-6255 — CVSS 8.2 (high): A vulnerability in the JSON file handling of gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to delete any JSON file on the…
CVE-2024-9216 — CVSS 8.1 (high): An authentication bypass vulnerability exists in gaizhenbiao/ChuanhuChatGPT, as of commit 3856d4f, allowing any user to read and delete…
CVE-2024-6038 — CVSS 7.5 (high): A Regular Expression Denial of Service (ReDoS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability…
CVE-2024-5124 — CVSS 7.5 (high): A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically within the password comparison logic. The…
CVE-2024-4520 — CVSS 7.5 (high): An improper access control vulnerability exists in the gaizhenbiao/chuanhuchatgpt application, specifically in version 20240410. This…
CVE-2024-4321 — CVSS 7.5 (high): A Local File Inclusion (LFI) vulnerability exists in the gaizhenbiao/chuanhuchatgpt application, specifically within the functionality for…
CVE-2024-2217 — CVSS 7.5 (high): gaizhenbiao/chuanhuchatgpt is vulnerable to improper access control, allowing unauthorized access to the `config.json` file. This…
CVE-2024-10650 — CVSS 7.5 (high): An unauthenticated Denial of Service (DoS) vulnerability was identified in ChuanhuChatGPT version 20240918, which could be exploited by…
CVE-2024-7962 — CVSS 7.5 (high): An arbitrary file read vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240628 due to insufficient validation when loading…
CVE-2024-7807 — CVSS 7.5 (high): A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240628 allows for a Denial of Service (DOS) attack. When uploading a file, if an…
CVE-2024-6090 — CVSS 7.5 (high): A path traversal vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410, allowing any user to delete other users' chat…
CVE-2025-0191 — CVSS 6.5 (medium): A Denial of Service (DoS) vulnerability exists in the file upload feature of gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability…
CVE-2024-10707 — CVSS 6.5 (medium): gaizhenbiao/chuanhuchatgpt version git d4ec6a3 is affected by a local file inclusion vulnerability due to the use of the gradio component…
CVE-2024-10955 — CVSS 6.5 (medium): A Regular Expression Denial of Service (ReDoS) vulnerability exists in gaizhenbiao/chuanhuchatgpt, as of commit 20b2e02. The server uses…
CVE-2024-3404 — CVSS 6.5 (medium): In gaizhenbiao/chuanhuchatgpt, specifically the version tagged as 20240121, there exists a vulnerability due to improper access control…
CVE-2024-9159 — CVSS 6.5 (medium): An incorrect authorization vulnerability exists in gaizhenbiao/chuanhuchatgpt version git c91dbfc. The vulnerability allows any user to…
CVE-2025-0188 — CVSS 6.5 (medium): A Server-Side Request Forgery (SSRF) vulnerability was discovered in gaizhenbiao/chuanhuchatgpt version 20240914. The vulnerability allows…
CVE-2024-5278 — CVSS 6.1 (medium): gaizhenbiao/chuanhuchatgpt is vulnerable to an unrestricted file upload vulnerability due to insufficient validation of uploaded file types…
CVE-2024-48059 — CVSS 6.1 (medium): gaizhenbiao/chuanhuchatgpt project, version <=20240802 is vulnerable to stored Cross-Site Scripting (XSS) in WebSocket session…
CVE-2024-6035 — CVSS 6.1 (medium): A Stored Cross-Site Scripting (XSS) vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410. This vulnerability allows an…
CVE-2024-3402 — CVSS 5.4 (medium): A stored Cross-Site Scripting (XSS) vulnerability existed in version (20240121) of gaizhenbiao/chuanhuchatgpt due to inadequate…
CVE-2024-9107 — CVSS 5.4 (medium): A stored cross-site scripting (XSS) vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, affecting version git 20b2e02. The…
CVE-2024-8400 — CVSS 5.4 (medium): A stored cross-site scripting (XSS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability allows an…
CVE-2024-8143 — CVSS 4.3 (medium): In the latest version (20240628) of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to…