Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelist@huntr_aiCVELIST:CVE-2024-1569
HistoryApr 16, 2024 - 12:00 a.m.

CVE-2024-1569 Uncontrolled Resource Consumption in parisneo/lollms-webui

2024-04-1600:00:14
CWE-400
@huntr_ai
raw.githubusercontent.com
1
resource consumption
parisneo/lollms-webui
dos attack
unauthenticated access
http post requests
visual studio code
default folder opener
system resources
latest version

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

8.4%

JSON

parisneo/lollms-webui is vulnerable to a denial of service (DoS) attack due to uncontrolled resource consumption. Attackers can exploit the /open_code_in_vs_code and similar endpoints without authentication by sending repeated HTTP POST requests, leading to the opening of Visual Studio Code or the default folder opener (e.g., File Explorer, xdg-open) multiple times. This can render the host machine unusable by exhausting system resources. The vulnerability is present in the latest version of the software.

Related

cve 1
osv 1
cve
cve
CVE-2024-1569
2024-04-16 00:15:09
osv
osv
CVE-2024-1569
2024-04-16 00:15:09

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

8.4%

JSON
Related for CVELIST:CVE-2024-1569
cve1osv1