漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Unauthenticated Denial of Service in transformeroptimus/superagi
Vulnerability Description
SuperAGI version v0.0.14 is vulnerable to an unauthenticated Denial of Service (DoS) attack. The vulnerability exists in the resource upload request, where appending characters, such as dashes (-), to the end of a multipart boundary in an HTTP request causes the server to continuously process each character. This leads to excessive resource consumption and renders the service unavailable. The issue is unauthenticated and does not require any user interaction, impacting all users of the service.
CVSS Information
N/A
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
SuperAGI 资源管理错误漏洞
Vulnerability Description
SuperAGI是SuperAGI开源的一个开源基础设施应用程序。用于构建组件、工具、框架和模型以实现开源 AGI。 SuperAGI v0.0.14版本存在资源管理错误漏洞,该漏洞源于资源上传请求中的多部分边界字符追加导致资源消耗过多,可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A