You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
any installation model, version, os will affect by this vulnerability
File Upload
abstract
remote attack, deny of service
poc
to exploit vulnerability, someone must upload a huge file (maximum the left space of server. ), A huge and complex zip file is better choice.
content
A vulnerability in the file upload functionality of gpt_academic 3.9 allows attackers to upload excessively large files without proper size validation. This can result in resource exhaustion, leading to a denial of service (DoS) condition, as the server struggles to process or store the uploaded data. The issue occurs due to the absence of adequate file size limits or validation mechanisms in the upload process.
Screen Shot | 有帮助的截图
Terminal Traceback & Material to Help Reproduce Bugs | 终端traceback(如有) + 帮助我们复现的测试材料样本(如有)
there is no file type or file size limitation in the on_upload_file logic
The text was updated successfully, but these errors were encountered:
Installation Method | 安装方法与平台
Others (Please Describe)
Version | 版本
Latest | 最新版
OS | 操作系统
Linux
Describe the bug | 简述
any installation model, version, os will affect by this vulnerability
File Upload
abstract
remote attack, deny of service
poc
to exploit vulnerability, someone must upload a huge file (maximum the left space of server. ), A huge and complex zip file is better choice.
content
A vulnerability in the file upload functionality of gpt_academic 3.9 allows attackers to upload excessively large files without proper size validation. This can result in resource exhaustion, leading to a denial of service (DoS) condition, as the server struggles to process or store the uploaded data. The issue occurs due to the absence of adequate file size limits or validation mechanisms in the upload process.
Screen Shot | 有帮助的截图
Terminal Traceback & Material to Help Reproduce Bugs | 终端traceback(如有) + 帮助我们复现的测试材料样本(如有)
there is no file type or file size limitation in the on_upload_file logic
The text was updated successfully, but these errors were encountered: