Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unauthenticated Denial of Service in shaunwei/realchar
Vulnerability Description
Realchar version v0.0.4 is vulnerable to an unauthenticated denial of service (DoS) attack. The vulnerability exists in the file upload request handling, where appending characters, such as dashes (-), to the end of a multipart boundary in an HTTP request causes the server to continuously process each character. This leads to excessive resource consumption and renders the service unavailable. The issue is unauthenticated and does not require any user interaction, impacting all users of the service.
CVSS Information
N/A
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
RealChar 资源管理错误漏洞
Vulnerability Description
RealChar是shaun个人开发者的一个可以实时创建、自定义和与 AI 角色/同伴交谈的工具。 RealChar v0.0.4版本存在资源管理错误漏洞,该漏洞源于文件上传请求处理不当,可能导致未经认证的拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A