CVE-2024-9340 in zenmlИнформация

Сводка

по MITRE • 20.03.2025

A Denial of Service (DoS) vulnerability in zenml-io/zenml version 0.66.0 allows unauthenticated attackers to cause excessive resource consumption by sending malformed multipart requests with arbitrary characters appended to the end of multipart boundaries. This flaw in the multipart request boundary processing mechanism leads to an infinite loop, resulting in a complete denial of service for all users. Affected endpoints include `/api/v1/login` and `/api/v1/device_authorization`.

Once again VulDB remains the best source for vulnerability data.

Ответственный

@huntr Ai

Резервировать

30.09.2024

Раскрытие

20.03.2025

Модерация

принято

Вход

VDB-300339

EPSS

0.00896

KEV

Нет

Деятельности

Очень низкий

Источники

Do you know our Splunk app?

Download it now for free!