Description

A vulnerability in binary-husky/gpt_academic, as of commit 310122f, allows for a Regular Expression Denial of Service (ReDoS) attack. The function '解析项目源码(手动指定和筛选源码文件类型)' permits the execution of user-provided regular expressions. Certain regular expressions can cause the Python RE engine to take exponential time to execute, leading to a Denial of Service (DoS) condition. An attacker who controls both the regular expression and the search string can exploit this vulnerability to hang the server for an arbitrary amount of time.
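A mitigation sketch for the condition described above, as an added example that is not code from gpt_academic: Python's `re` functions take no timeout argument, so a user-supplied pattern is evaluated in a separate interpreter that the caller can kill once a time budget is exceeded. The name `bounded_search`, the length limits and the sample pattern and text are assumptions constructed for illustration.

```python
import json
import subprocess
import sys

MAX_PATTERN_LEN = 256    # assumed limits, tune per deployment
MAX_TEXT_LEN = 10_000

# Worker source, run in its own interpreter so a runaway match can be
# killed from outside without hanging the serving process.
_WORKER = """\
import json, re, sys
req = json.load(sys.stdin)
try:
    hit = re.search(req["pattern"], req["text"]) is not None
    print(json.dumps({"status": "ok", "matched": hit}))
except re.error as exc:
    print(json.dumps({"status": "invalid", "error": str(exc)}))
"""

# Constructed sample: nested quantifiers plus a near-miss input force
# exponential backtracking in a backtracking engine such as Python's re.
SLOW_PATTERN = r"(a+)+$"
SLOW_TEXT = "a" * 40 + "!"


def bounded_search(pattern, text, timeout_s=2.0):
    """Evaluate an untrusted regex under size limits and a wall-clock budget."""
    if len(pattern) > MAX_PATTERN_LEN or len(text) > MAX_TEXT_LEN:
        return {"status": "rejected", "reason": "input too long"}
    payload = json.dumps({"pattern": pattern, "text": text})
    try:
        proc = subprocess.run(
            [sys.executable, "-I", "-c", _WORKER],
            input=payload, capture_output=True, text=True, timeout=timeout_s,
        )
    except subprocess.TimeoutExpired:
        # subprocess.run has already killed the worker at this point.
        return {"status": "timeout"}
    if proc.returncode != 0:
        return {"status": "error"}
    return json.loads(proc.stdout)


if __name__ == "__main__":
    print(bounded_search(r"\.py$", "main.py"))
    print(bounded_search(SLOW_PATTERN, SLOW_TEXT, timeout_s=1.0))
```

A `timeout` result is worth logging with the submitted pattern, since repeated timeouts from one client are a usable detection signal.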

INFO

Published Date: 2025-03-20T10:10:33.279Z

Last Modified: 2025-10-15T12:50:18.175Z

Source: @huntr_ai

AFFECTED PRODUCTS

The following products are affected by the CVE-2024-12391 vulnerability.

Vendors         Products
Binary-husky    Gpt Academic