Skip to main content

CWE-1057

Data Access Operations Outside of Expected Data Manager Component

1 CVEs Avg CVSS 4.3 MITRE
0
CRITICAL
0
HIGH
1
MEDIUM
0
LOW
1
POC
0
KEV

Monthly

CVE-2024-8143 PyPI MEDIUM POC PATCH This Month

In the latest version (20240628) of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to access the chat history of other users. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Chuanhuchatgpt
NVD GitHub
CVSS 3.1
4.3
EPSS
0.5%
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

In the latest version (20240628) of gaizhenbiao/chuanhuchatgpt, an issue exists in the /file endpoint that allows authenticated users to access the chat history of other users. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Chuanhuchatgpt
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy