Denial of Service Vulnerability in binary-husky/gpt_academic File Upload Feature
CVE-2024-11033

6.5MEDIUM

Key Information:

Vendor: Binary-husky
Status: Binary-husky/gpt Academic
Vendor: CVE Published:; 20 March 2025

🔔 Create Binary-husky Vulnerability Alert

What is CVE-2024-11033?

A Denial of Service (DoS) vulnerability has been identified in the file upload feature of the binary-husky/gpt_academic application. This issue arises from the improper handling of form-data, particularly when it involves excessively large filenames in upload requests. An attacker could exploit this flaw by crafting a payload with an abnormally large filename, which could lead to server overload and render the application inaccessible to legitimate users, compromising the overall user experience and availability of the service.

Affected Version(s)

binary-husky/gpt_academic <= unspecified

References

https://huntr.com/bounties/78afc15c-7db7-42fe-90f5-a0480a...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

CVSS V3.0

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 20, 2025
Vulnerability Reserved
Nov 8, 2024