CVE-2024-12388 Information

Description

A vulnerability in binary-husky/gpt_academic version 310122f allows for a Regular Expression Denial of Service (ReDoS) attack. The application uses a regular expression to parse user input which can take polynomial time to match certain crafted inputs. This allows an attacker to send a small malicious payload to the server causing it to become unresponsive and unable to handle any requests from other users.

Reference

https://huntr.com/bounties/b1c01c94-e477-41db-9d17-601aa25e351c