2 matches found
CVE-2025-48879
OctoPrint versions up until and including 1.11.1 contain a vulnerability that allows any unauthenticated attacker to send a manipulated broken multipart/form-data request to OctoPrint and through that make the web server component become unresponsive. The issue can be triggered by a broken...
CVE-2025-48879
CVE-2025-48879 affects OctoPrint up to 1.11.1. A broken multipart/form-data request can be sent to endpoints handled by octoprint.server.util.tornado.UploadStorageFallbackHandler, causing an endless busy loop that blocks the Tornado web server and results in DoS. The issue is mitigated by upgradi...