Latest version: v0.7.0
| CVE/PVE | Vulnerability ID | Advisory | Affected versions | Severity | Severity Score |
|---|---|---|---|---|---|
| CVE-2024-10834 | 76094 |
Affected versions of DB-GPT are vulnerable to a path traversal attack… |
|
- | - |
| CVE-2024-10901 | 76286 |
In eosphoros-ai/db-gpt version v0.6.3 and earlier, the web API POST /… |
|
- | - |
| CVE-2024-10833 | 76290 |
eosphoros-ai/db-gpt version 0.6.0 is vulnerable to an arbitrary file … |
|
- | - |
| CVE-2024-10906 | 76282 |
In version 0.6.0 of eosphoros-ai/db-gpt, the uvicorn app created by d… |
|
- | - |
| CVE-2024-10831 | 76289 |
In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading file… |
|
- | - |
| CVE-2024-10830 | 76287 |
A Path Traversal vulnerability exists in the eosphoros-ai/db-gpt vers… |
|
- | - |
| CVE-2024-10902 | 76283 |
In eosphoros-ai/db-gpt version v0.6.0, the web API POST /v1/personal/… |
|
- | - |
| CVE-2024-10829 | 76285 |
A Denial of Service (DoS) vulnerability in the multipart request boun… |
|
- | - |