Binary-Husky Gpt Academic vulnerabilities
22 known vulnerabilities affecting binary-husky/binary-husky_gpt_academic.
Total CVEs
22
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH12MEDIUM10
Vulnerabilities
Page 2 of 2
CVE-2024-10101P4MEDIUMCVSS 5.4≥ unspecified, ≤ latest2024-10-17
CVE-2024-10101 [MEDIUM] CWE-79 CVE-2024-10101: A stored cross-site scripting (XSS) vulnerability exists in binary-husky/gpt_academic version 3.83.
A stored cross-site scripting (XSS) vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability occurs at the /file endpoint, which renders HTML files. Malicious HTML files containing XSS payloads can be uploaded and stored in the backend, leading to the execution of the payload in the victim's browser when the file is accessed.
nvd
CVE-2024-12391MEDIUMCVSS 6.5≥ unspecified, ≤ latest2025-03-20
CVE-2024-12391 [MEDIUM] CWE-1333 Regular Expression Denial of Service (ReDoS) in binary-husky/gpt_academic
Regular Expression Denial of Service (ReDoS) in binary-husky/gpt_academic
A vulnerability in binary-husky/gpt_academic, as of commit 310122f, allows for a Regular Expression Denial of Service (ReDoS) attack. The function '解析项目源码(手动指定和筛选源码文件类型)' permits the execution of user-provided regular expressions. Certain regular expressions can cause the Python RE engine to take exponential time to
cvelistv5
← Previous2 / 2