Threat and Vulnerability Intelligence Database

CVE-2024-8966

Description: A vulnerability in the file upload process of gradio-app/gradio version @gradio/[email protected] allows for a Denial of Service (DoS) attack. An attacker can append a large number of characters to the end of a multipart boundary, causing the system to continuously process each character and issue warnings. This can render Gradio inaccessible for extended periods, disrupting services and causing significant downtime.

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
March 20th, 2025 (4 months ago)

CVE-2024-8958

Description: In composiohq/composio version 0.4.3, there is an unrestricted file write and read vulnerability in the filetools actions. Due to improper validation of file paths, an attacker can read and write files anywhere on the server, potentially leading to privilege escalation or remote code execution.

CVSS: HIGH (7.2)

EPSS Score: 0.35%

Source: CVE
March 20th, 2025 (4 months ago)

CVE-2024-8953

Description: In composiohq/composio version 0.4.3, the mathematical_calculator endpoint uses the unsafe eval() function to perform mathematical operations. This can lead to arbitrary code execution if untrusted input is passed to the eval() function.

CVSS: HIGH (7.2)

EPSS Score: 0.09%

Source: CVE
March 20th, 2025 (4 months ago)

CVE-2024-8859

Description: A path traversal vulnerability exists in mlflow/mlflow version 2.15.1. When users configure and use the dbfs service, concatenating the URL directly into the file protocol results in an arbitrary file read vulnerability. This issue occurs because only the path part of the URL is checked, while parts such as query and parameters are not handled. The vulnerability is triggered if the user has configured the dbfs service, and during usage, the service is mounted to a local directory.

CVSS: HIGH (7.5)

EPSS Score: 18.01%

Source: CVE
March 20th, 2025 (4 months ago)

CVE-2024-8789

Description: Lunary-ai/lunary version git 105a3f6 is vulnerable to a Regular Expression Denial of Service (ReDoS) attack. The application allows users to upload their own regular expressions, which are then executed on the server side. Certain regular expressions can have exponential runtime complexity relative to the input size, leading to potential denial of service. An attacker can exploit this by submitting a specially crafted regular expression, causing the server to become unresponsive for an arbitrary length of time.

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
March 20th, 2025 (4 months ago)

CVE-2024-8765

Description: In lunary-ai/lunary, the privilege check mechanism is flawed in version git afc5df4. The system incorrectly identifies certain endpoints as public if the path contains '/auth/' anywhere within it. This allows unauthenticated attackers to access sensitive endpoints by including '/auth/' in the path. As a result, attackers can obtain and modify sensitive data and utilize other organizations' resources without proper authentication.

CVSS: HIGH (7.3)

EPSS Score: 0.1%

Source: CVE
March 20th, 2025 (4 months ago)

CVE-2024-8764

Description: A vulnerability in lunary-ai/lunary, as of commit be54057, allows users to upload and execute arbitrary regular expressions on the server side. This can lead to a Denial of Service (DoS) condition, as certain regular expressions can cause excessive resource consumption, blocking the server from processing other requests.

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
March 20th, 2025 (4 months ago)

CVE-2024-8763

Description: A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary repository, specifically in the compileTextTemplate function. The affected version is git be54057. An attacker can exploit this vulnerability by manipulating the regular expression /{{(.*?)}}/g, causing the server to hang indefinitely and become unresponsive to any requests. This is due to the regular expression's susceptibility to second-degree polynomial time complexity, which can be triggered by a large number of braces in the input.

CVSS: HIGH (7.5)

EPSS Score: 0.05%

Source: CVE
March 20th, 2025 (4 months ago)

CVE-2024-8736

Description: A Denial of Service (DoS) vulnerability exists in multiple file upload endpoints of parisneo/lollms-webui version V12 (Strawberry). The vulnerability can be exploited remotely via Cross-Site Request Forgery (CSRF). Despite CSRF protection preventing file uploads, the application still processes multipart boundaries, leading to resource exhaustion. By appending additional characters to the multipart boundary, an attacker can cause the server to parse each byte of the boundary, ultimately leading to service unavailability. This vulnerability is present in the `/upload_avatar`, `/upload_app`, and `/upload_logo` endpoints.

CVSS: HIGH (7.1)

EPSS Score: 0.02%

Source: CVE
March 20th, 2025 (4 months ago)

CVE-2024-8616

Description: In h2oai/h2o-3 version 3.46.0, the `/99/Models/{name}/json` endpoint allows for arbitrary file overwrite on the target server. The vulnerability arises from the `exportModelDetails` function in `ModelsHandler.java`, where the user-controllable `mexport.dir` parameter is used to specify the file path for writing model details. This can lead to overwriting files at arbitrary locations on the host system.

CVSS: HIGH (8.2)

EPSS Score: 0.05%

Source: CVE
March 20th, 2025 (4 months ago)