4 matches found
CVE-2024-55653
PwnDoc is a penetration test report generator. In versions up to and including 0.5.3, an authenticated user is able to crash the backend by raising a UnhandledPromiseRejection on audits which exits the backend. The user doesn't need to know the audit id, since a bad audit id will also raise the...
CVE-2024-55653
creationtimestamp| type| source ---|---|--- 2024-12-10 22:57:12+00:00| seen| https://infosec.exchange/users/cve/statuses/113630998146893259 2024-12-11 01:01:35+00:00| seen| https://t.me/cvedetector/12612 2025-09-16 23:16:38+00:00| seen| MISP/be792712-f638-4d7d-b62d-4f5032e86764 2025-09-18...
CVE-2024-55653
CVE-2024-55653 affects the PwnDoc open-source tool, with versions up to and including 0.5.3. The root issue is an authentication-bypassable path that can raise an UnhandledPromiseRejection on audits, causing the backend to crash. This makes the entire application unresponsive and unusable for all...
CVE-2024-55653 pwndoc's UnhandledPromiseRejection on audits causes Denial of Service (DoS)
PwnDoc is a penetration test report generator. In versions up to and including 0.5.3, an authenticated user is able to crash the backend by raising a UnhandledPromiseRejection on audits which exits the backend. The user doesn't need to know the audit id, since a bad audit id will also raise the...