Denial of Service Vulnerability in Binary-Husky GPT Academic Software
CVE-2024-12391

6.5MEDIUM

Key Information:

Vendor: Binary-husky
Status: Binary-husky/gpt Academic
Vendor: CVE Published:; 20 March 2025

🔔 Create Binary-husky Vulnerability Alert

What is CVE-2024-12391?

A vulnerability exists in Binary-Husky's GPT Academic software that allows for a Regular Expression Denial of Service (ReDoS) attack. The affected function enables the execution of user-supplied regular expressions, some of which may lead to significant delays in processing time. By crafting a specific regular expression and search string, an attacker can exploit this flaw, potentially causing the server to freeze and deny service for extended periods. This vulnerability highlights the need for careful handling of user inputs in regex processing to prevent performance degradation and service interruptions.

Affected Version(s)

binary-husky/gpt_academic <= unspecified

References

https://huntr.com/bounties/70b3f4f0-6b1b-4563-a18c-fe4650...

CVSS V3.0

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 20, 2025
Vulnerability Reserved
Dec 9, 2024