nvd-json-data-feeds/CVE-2024/CVE-2024-79xx/CVE-2024-7999.json

{
  "id": "CVE-2024-7999",
  "sourceIdentifier": "security@huntr.dev",
  "published": "2025-03-20T10:15:38.633",
  "lastModified": "2025-03-20T10:15:38.633",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability in open-webui/open-webui version 79778fa allows an attacker to cause a Denial of Service (DoS) by uploading a file with a malformed multipart boundary. By appending a large number of characters to the end of the multipart boundary, the server continuously processes each character, rendering the application inaccessible. This issue can prevent all users from accessing the application until the server recovers."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad en open-webui/open-webui versi\u00f3n 79778fa permite a un atacante provocar una denegaci\u00f3n de servicio (DoS) al subir un archivo con un l\u00edmite multiparte mal formado. Al a\u00f1adir una gran cantidad de caracteres al final del l\u00edmite multiparte, el servidor procesa continuamente cada car\u00e1cter, lo que hace que la aplicaci\u00f3n sea inaccesible. Este problema puede impedir que todos los usuarios accedan a la aplicaci\u00f3n hasta que el servidor se recupere."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "security@huntr.dev",
        "type": "Secondary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6
      }
    ]
  },
  "weaknesses": [
    {
      "source": "security@huntr.dev",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://huntr.com/bounties/15eb4fbe-70d4-420e-806a-ec6f4ecb7202",
      "source": "security@huntr.dev"
    }
  ]
}
Auto-Update: 2025-03-20T11:00:20.508636+00:00 2025-03-20 11:03:52 +00:00			`{`
			`"id": "CVE-2024-7999",`
			`"sourceIdentifier": "security@huntr.dev",`
			`"published": "2025-03-20T10:15:38.633",`
			`"lastModified": "2025-03-20T10:15:38.633",`
Auto-Update: 2025-03-23T03:00:20.104511+00:00 2025-03-23 03:03:54 +00:00			`"vulnStatus": "Awaiting Analysis",`
Auto-Update: 2025-03-20T11:00:20.508636+00:00 2025-03-20 11:03:52 +00:00			`"cveTags": [],`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "A vulnerability in open-webui/open-webui version 79778fa allows an attacker to cause a Denial of Service (DoS) by uploading a file with a malformed multipart boundary. By appending a large number of characters to the end of the multipart boundary, the server continuously processes each character, rendering the application inaccessible. This issue can prevent all users from accessing the application until the server recovers."`
Auto-Update: 2025-03-23T03:00:20.104511+00:00 2025-03-23 03:03:54 +00:00			`},`
			`{`
			`"lang": "es",`
			"value": "Una vulnerabilidad en open-webui/open-webui versi\u00f3n 79778fa permite a un atacante provocar una denegaci\u00f3n de servicio (DoS) al subir un archivo con un l\u00edmite multiparte mal formado. Al a\u00f1adir una gran cantidad de caracteres al final del l\u00edmite multiparte, el servidor procesa continuamente cada car\u00e1cter, lo que hace que la aplicaci\u00f3n sea inaccesible. Este problema puede impedir que todos los usuarios accedan a la aplicaci\u00f3n hasta que el servidor se recupere."
Auto-Update: 2025-03-20T11:00:20.508636+00:00 2025-03-20 11:03:52 +00:00			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV30": [`
			`{`
			`"source": "security@huntr.dev",`
			`"type": "Secondary",`
			`"cvssData": {`
			`"version": "3.0",`
			`"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",`
			`"baseScore": 7.5,`
			`"baseSeverity": "HIGH",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "NONE",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "NONE",`
			`"integrityImpact": "NONE",`
			`"availabilityImpact": "HIGH"`
			`},`
			`"exploitabilityScore": 3.9,`
			`"impactScore": 3.6`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "security@huntr.dev",`
			`"type": "Primary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-400"`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://huntr.com/bounties/15eb4fbe-70d4-420e-806a-ec6f4ecb7202",`
			`"source": "security@huntr.dev"`
			`}`
			`]`
			`}`