CVE-2024-3569

Name of the Vulnerable Software and Affected Versions mintplex-labs/anything-llm repository (affected versions not specified)

Description A Denial of Service (DoS) issue exists when the application is running in 'just me' mode with a password. An attacker can exploit this by making a request to the endpoint using the validatedRequest middleware with a specially crafted 'Authorization:' header. This leads to uncontrolled resource consumption, causing a DoS condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.