CVE-2024-10714
- Source
- https://cve.org/CVERecord?id=CVE-2024-10714
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-10714.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-10714
- Published
- 2025-03-20T10:15:18.527Z
- Modified
- 2026-04-10T05:08:09.773939Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
A vulnerability in binary-husky/gpt_academic version 3.83 allows an attacker to cause a Denial of Service (DoS) by adding excessive characters to the end of a multipart boundary during file upload. This results in the server continuously processing each character and displaying warnings, rendering the application inaccessible. The issue occurs when the terminal shows a warning: 'multipart.multipart Consuming a byte '0x2d' in end state'.
- References
Affected packages
Git / github.com/binary-husky/gpt_academic
Affected versions
version2.*
version2.68-3
version2.68-4
version2.7
version3.*
version3.1-2
version3.1-3
version3.15
version3.2
version3.3-3
version3.32
version3.33
version3.33-2
version3.34
version3.35
version3.36
version3.37
version3.37-2
version3.37-3
version3.37-4
version3.4
version3.4-2
version3.41-2
version3.41-3
version3.42
version3.42-2
version3.43
version3.44
version3.45
version3.47
version3.48
version3.48-1
version3.50
version3.50-1
version3.50-2
version3.52
version3.52-1
version3.53-1
version3.53-2
version3.54
version3.54-2
version3.55
version3.55-2
version3.60-1
version3.64-1
version3.70
version3.74
version3.83