Unrated severityNVD Advisory· Published Mar 20, 2025· Updated Mar 20, 2025

Denial of Service in imartinez/privategpt

CVE-2024-12063

Description

A Denial of Service (DoS) vulnerability exists in the file upload feature of imartinez/privategpt version v0.6.2. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. An attacker can exploit this by sending a payload with an excessively large filename, causing the server to become overwhelmed and unavailable to legitimate users.

Affected products

Zylon/Privategptllm-fuzzy
Range: = 0.6.2
imartinez/imartinez/privategptv5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

huntr.com/bounties/7db0091f-cb53-4cde-aad7-7ce491dfd8d9mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000