VYPR

Anythingllm

by Mintplex Labs

Source repositories

CVEs (69)

  • CVE-2024-0440Feb 25, 2024
    risk 0.00cvss epss 0.01

    Attacker, with permission to submit a link or submits a link via POST to be collected that is using the file:// protocol can then introspect host files and other relatively stored files.

  • CVE-2024-0798Feb 25, 2024
    risk 0.00cvss epss 0.01

    A privilege escalation vulnerability exists in mintplex-labs/anything-llm, allowing users with 'default' role to delete documents uploaded by 'admin'. Despite the intended restriction that prevents 'default' role users from deleting admin-uploaded documents, an attacker can…

  • CVE-2024-0455Feb 25, 2024
    risk 0.00cvss epss 0.01

    The inclusion of the web scraper for AnythingLLM means that any user with the proper authorization level (manager, admin, and when in single user) could put in the URL ``` http://169.254.169.254/latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance ```…

  • CVE-2024-22422Jan 19, 2024
    risk 0.00cvss epss 0.01

    AnythingLLM is an application that turns any document, resource, or piece of content into context that any LLM can use as references during chatting. In versions prior to commit `08d33cfd8` an unauthenticated API route (file export) can allow attacker to crash the server…

  • CVE-2023-5833Oct 30, 2023
    risk 0.00cvss epss 0.01

    Improper Access Control in GitHub repository mintplex-labs/anything-llm prior to 0.1.0.

  • CVE-2023-5832Oct 30, 2023
    risk 0.00cvss epss 0.01

    Improper Input Validation in GitHub repository mintplex-labs/anything-llm prior to 0.1.0.

  • CVE-2023-4899Sep 11, 2023
    risk 0.00cvss epss 0.01

    SQL Injection in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.

  • CVE-2023-4898Sep 11, 2023
    risk 0.00cvss epss 0.01

    Authentication Bypass by Primary Weakness in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.

  • CVE-2023-4897Sep 11, 2023
    risk 0.00cvss epss 0.01

    Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.

Page 4 of 4