Lucene search

@huntr_aiCVELIST:CVE-2024-6038

HistoryJun 27, 2024 - 6:41 p.m.

CVE-2024-6038 ReDoS Vulnerability in gaizhenbiao/chuanhuchatgpt

2024-06-2718:41:45

CWE-625

@huntr_ai

www.cve.org

vulnerability

gaizhenbiao/chuanhuchatgpt

filter_history

keyword injection

denial of service

regular expression

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

9.1%

JSON

A Regular Expression Denial of Service (ReDoS) vulnerability exists in the latest version of gaizhenbiao/chuanhuchatgpt. The vulnerability is located in the filter_history function within the utils.py module. This function takes a user-provided keyword and attempts to match it against chat history filenames using a regular expression search. Due to the lack of sanitization or validation of the keyword parameter, an attacker can inject a specially crafted regular expression, leading to a denial of service condition. This can cause severe degradation of service performance and potential system unavailability.

CNA Affected

[
  {
    "vendor": "gaizhenbiao",
    "product": "gaizhenbiao/chuanhuchatgpt",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "versionType": "custom",
        "lessThanOrEqual": "latest"
      }
    ]
  }
]

References

huntr.com/bounties/d41cca0a-82bc-4cbf-a52a-928d304fb42d

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

Percentile

9.1%

JSON

Related for CVELIST:CVE-2024-6038