CVE-2024-10100

Name of the Vulnerable Software and Affected Versions binary-husky/gpt academic version 3.83

Description A path traversal issue exists due to improper handling of the file parameter, which is open to path traversal through URL encoding. This allows attackers to view any file on the host system, including sensitive files such as critical application files, SSH keys, API keys, and configuration values.

Recommendations For binary-husky/gpt academic version 3.83, urgently patch the affected system to prevent exploitation. As a temporary workaround, consider restricting access to the file parameter to minimize the risk of path traversal attacks. Monitor for exploit attempts and apply the patch as soon as possible.