Description
parisneo/lollms-webui is vulnerable to a denial of service (DoS) attack due to uncontrolled resource consumption. Attackers can exploit the `/open_code_in_vs_code` and similar endpoints without authentication by sending repeated HTTP POST requests, leading to the opening of Visual Studio Code or the default folder opener (e.g., File Explorer, xdg-open) multiple times. This can render the host machine unusable by exhausting system resources. The vulnerability is present in the latest version of the software.
INFO
Published Date :
2024-04-16T00:00:14.761Z
Last Modified :
2024-08-01T18:40:21.481Z
Source :
@huntr_ai
AFFECTED PRODUCTS
The following products are affected by CVE-2024-1569 vulnerability.
| Vendors | Products |
|---|---|
| Lollms |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2024-1569.