CRITICAL 9.1

PYSEC-2026-323

DB-GPT Absolute Path Traversal vulnerability

상세

In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the `file_key` and `doc_file.filename` parameters are user-controllable, enabling the construction of paths outside the intended directory. This can lead to overwriting essential system files, such as SSH keys, for further exploitation.

이 버전이 영향받나요?

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

영향 패키지

PyPI / dbgpt

최초 영향 버전: 0

No fixed version published yet for dbgpt (pip). Pin to a known-safe version or switch to an alternative.

참고

https://nvd.nist.gov/vuln/detail/CVE-2024-10831 [ADVISORY]
https://github.com/eosphoros-ai/DB-GPT [PACKAGE]
https://huntr.com/bounties/5c34c39f-66d4-414c-ab6a-f7888a5d882a [WEB]
https://pypi.org/project/dbgpt [PACKAGE]
https://github.com/advisories/GHSA-hhw5-29f6-hf4x [ADVISORY]