CVE-2024-52787

Published November 25th, 2024

View on NVD ↗

CVSS v3

9.1

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

An issue in the upload_documents method of libre-chat v0.0.6 allows attackers to execute a path traversal via supplying a crafted filename in an uploaded file.

vemonet/libre-chat

🦙 Free and Open Source Large Language Model (LLM) chatbot web UI and API. Self-hosted, offline capable and easy to setup.

GitHub

167