PT-2025-12023 · Realchar · Realchar

Published 2025-03-20 · Updated 2025-12-10 · CVE-2024-10051

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Realchar version v0.0.4

Description

An unauthenticated denial of service (DoS) vulnerability exists in the file upload request handling. By appending characters, such as dashes (-), to the end of a multipart boundary in an HTTP request, an attacker causes the server to process each appended character continuously, leading to excessive resource consumption and rendering the service unavailable. This issue impacts all users of the service and does not require any user interaction.

Recommendations

For Realchar version v0.0.4, consider restricting or validating the file upload request handling to prevent excessive resource consumption. As a temporary workaround, restrict access to the file upload functionality until a patch is available.
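
One way to validate upload requests before they reach the multipart parser, as an added example that is not Realchar's own code. It assumes the padded boundary arrives in the Content-Type header and that the check runs ahead of body parsing; the function names and the 10 MiB cap are hypothetical.

```python
import re

# RFC 2046 section 5.1.1: a boundary is 1 to 70 characters drawn from a
# fixed set and must not end with a space.
_BCHARS = r"0-9A-Za-z'()+_,\-./:=?"
_BOUNDARY_RE = re.compile(rf"[{_BCHARS} ]{{0,69}}[{_BCHARS}]")
MAX_UPLOAD_BYTES = 10 * 1024 * 1024  # assumed cap, tune per deployment


def extract_boundary(content_type):
    """Return the boundary of a multipart/form-data Content-Type, else None."""
    media_type, _, params = content_type.partition(";")
    if media_type.strip().lower() != "multipart/form-data":
        return None
    for param in params.split(";"):
        name, _, value = param.strip().partition("=")
        if name.strip().lower() == "boundary":
            value = value.strip()
            if len(value) >= 2 and value[0] == value[-1] == '"':
                value = value[1:-1]  # drop surrounding quotes
            return value
    return None


def upload_allowed(headers):
    """Return (ok, reason) for request headers given as a lowercase-keyed dict."""
    boundary = extract_boundary(headers.get("content-type", ""))
    if boundary is None:
        return False, "not multipart/form-data or boundary missing"
    if not _BOUNDARY_RE.fullmatch(boundary):
        return False, "boundary violates RFC 2046"
    length = headers.get("content-length", "")
    if not (length.isascii() and length.isdigit()):
        return False, "Content-Length missing or invalid"
    if int(length) > MAX_UPLOAD_BYTES:
        return False, "body exceeds upload limit"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample headers, not taken from a real request.
    good = "multipart/form-data; boundary=----formBoundary7MA4YWxkTrZu0gW"
    padded = good + "-" * 5000
    for ct in (good, padded):
        print(upload_allowed({"content-type": ct, "content-length": "2048"}))
```

Requests without a Content-Length header (for example chunked uploads) are rejected by this check, so a deployment that needs them must enforce the size cap while reading the body instead.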

Exploit

Fix

DoS

Resource Exhaustion

Allocation of Resources Without Limits

Weakness Enumeration

Related Identifiers

CVE-2024-10051

Affected Products

Realchar