CNNVD-202601-3006 Information
CNNVD ID
CNNVD-202601-3006
Related CVE
- CNNVD Published: 2026-01-19
Description (Chinese)
ChatterBot是Gunther Cox个人开发者的一个用于创建聊天机器人的机器学习对话引擎。 ChatterBot 1.2.10及之前版本存在资源管理错误漏洞,该漏洞源于数据库会话和连接池管理不当,可能导致连接耗尽并引发拒绝服务。
Description (English)
ChatterBot is a machine learning dialogue engine used by Gunther Cox personal developers to create chat robots. ChatterBot 1.2.10 and previous versions had a resource management error loophole, which stemmed from poor management of the database session and connection pool, which could lead to depletion of the connection and trigger denial of service.
Hazard Level
Medium
Vulnerability Type
资源管理错误
Affected Vendor
个人开发者
Published
2026-01-19
Last Modified
2026-02-24
References
https://github.com/gunthercox/ChatterBot/commit/de89fe648139f8eeacc998ad4524fab291a378cf https://github.com/user-attachments/assets/4ee845c4-b847-4854-84ec-4b2fb2f7090f https://github.com/gunthercox/ChatterBot/security/advisories/GHSA-v4w8-49pv-mf72 https://github.com/gunthercox/ChatterBot/releases/tag/1.2.11 https://github.com/gunthercox/ChatterBot/pull/2432 https://access.redhat.com/security/cve/cve-2026-23842
Patch
https://github.com/gunthercox/ChatterBot/releases
Share on: