4 matches found
CVE-2025-49000 InvenTree has uncontrolled memory allocation via built-in label-sheet plugin
InvenTree is an Open Source Inventory Management System. Prior to version 0.17.13, the skip field in the built-in label-sheet plugin lacks an upper bound, so a large value forces the server to allocate an enormous Python list. This lets any authenticated label-printing user trigger a...
CVE-2025-49000 InvenTree has uncontrolled memory allocation via built-in label-sheet plugin
InvenTree is an Open Source Inventory Management System. Prior to version 0.17.13, the skip field in the built-in label-sheet plugin lacks an upper bound, so a large value forces the server to allocate an enormous Python list. This lets any authenticated label-printing user trigger a...
CVE-2025-49000 InvenTree has uncontrolled memory allocation via built-in label-sheet plugin
InvenTree is an Open Source Inventory Management System. Prior to version 0.17.13, the skip field in the built-in label-sheet plugin lacks an upper bound, so a large value forces the server to allocate an enormous Python list. This lets any authenticated label-printing user trigger a...
InvenTree 安全漏洞
InvenTree is an open source inventory management system from InvenTree Open Source. It provides powerful low-level inventory control and parts tracking. A security vulnerability exists in InvenTree versions prior to 0.17.13, which stems from an uncapped skip field in the built-in label-sheet...