admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-01 19:21:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-108xx/CVE-2024-10829.json
cad-safe-bot 45c9d5d76c Auto-Update: 2025-03-23T03:00:20.104511+00:00
2025-03-23 03:03:54 +00:00

60 lines
2.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-10829",
"sourceIdentifier": "security@huntr.dev",
"published": "2025-03-20T10:15:20.257",
"lastModified": "2025-03-20T10:15:20.257",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and complete denial of service for all users. This vulnerability affects all endpoints processing multipart/form-data requests."
},
{
"lang": "es",
"value": "Una vulnerabilidad de denegaci\u00f3n de servicio (DoS) en el mecanismo de procesamiento de los l\u00edmites de solicitudes multiparte de eosphoros-ai/db-gpt v0.6.0 permite a atacantes no autenticados consumir recursos excesivamente. El servidor no gestiona el exceso de caracteres a\u00f1adidos al final de los l\u00edmites multiparte, lo que genera un bucle infinito y una denegaci\u00f3n de servicio completa para todos los usuarios. Esta vulnerabilidad afecta a todos los endpoints que procesan solicitudes multiparte/form-data."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security@huntr.dev",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
]
},
"weaknesses": [
{
"source": "security@huntr.dev",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-400"
}
]
}
],
"references": [
{
"url": "https://huntr.com/bounties/e3a4a0ad-a2e0-497f-a2e0-e3c0ec7c4de4",
"source": "security@huntr.dev"
}
]
}
Reference in New Issue View Git Blame Copy Permalink