← Zuruck zu CVEs
CVE-2024-11037
N/ABeschreibung
A path traversal vulnerability exists in binary-husky/gpt_academic at commit 679352d, which allows an attacker to bypass the blocked_paths protection and read the config.py file containing sensitive information such as the OpenAI API key. This vulnerability is exploitable on Windows operating systems by accessing a specific URL that includes the absolute path of the project.
CVE Details
CVSS v3.1 BewertungN/A
Veroffentlicht3/20/2025
Zuletzt geandert7/31/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
binary-husky:gpt_academic
Schwachen (CWE)
CWE-22
Referenzen
https://huntr.com/bounties/91243fc1-f287-4f4b-8aa6-dfe3efff23e5(security@huntr.dev)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.