exploitDog

CVE-2024-10829

Опубликовано: 20 мар. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

A Denial of Service (DoS) vulnerability in the multipart request boundary processing mechanism of eosphoros-ai/db-gpt v0.6.0 allows unauthenticated attackers to cause excessive resource consumption. The server fails to handle excessive characters appended to the end of multipart boundaries, leading to an infinite loop and complete denial of service for all users. This vulnerability affects all endpoints processing multipart/form-data requests.

Ссылки

https://huntr.com/bounties/e3a4a0ad-a2e0-497f-a2e0-e3c0ec7c4de4
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:dbgpt:db-gpt:0.6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 49%

0.00263

Низкий

7.5 High

CVSS3

Дефекты

CWE-835

Связанные уязвимости

GHSA-6xgj-c5fx-5v57

CVSS3: 7.5

github

11 месяцев назад

DB-GPT Uncontrolled Resource Consumption vulnerability

EPSS

Процентиль: 49%

0.00263

Низкий

7.5 High

CVSS3

Дефекты

CWE-835