Unrated severityNVD Advisory· Published Mar 20, 2025· Updated Oct 15, 2025

Denial of Service (DOS) in imartinez/privategpt

CVE-2024-8018

Description

A vulnerability in imartinez/privategpt version 0.5.0 allows for a Denial of Service (DOS) attack. When uploading a file, if an attacker appends a large number of characters to the end of a multipart boundary, the system will continuously process these characters, rendering privateGPT inaccessible. This uncontrolled resource consumption can lead to prolonged unavailability of the service, disrupting operations and causing potential data inaccessibility and loss of productivity.

Affected products

Zylon/Privategptllm-fuzzy
Range: =0.5.0
imartinez/imartinez/privategptv5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

huntr.com/bounties/0661fa3b-bea4-4156-abed-a65d51958505mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000