High

stable-diffusion-webui

Unauthenticated DoS via Multipart Boundary

Version 1.10.0 is vulnerable to a denial of service: an unauthenticated attacker can send malformed multipart requests with excessive characters appended to the boundary. This issue was patched in a later version.

Available publicly on Dec 30 2024

CVSS: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Credit: mnqazi

Remediation Steps
  1. Update to the latest version of the software where the vulnerability has been patched.
  2. Implement input validation to handle multipart boundaries correctly and prevent excessive characters from being processed.
  3. Monitor server resource usage and set up alerts for unusual activity that may indicate an ongoing attack.
  4. Consider rate limiting and other mitigation techniques to reduce the impact of potential DoS attacks.
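
One way to implement step 2, as an added example (not the project's patch or code): check the `Content-Type` header before the body reaches a multipart parser, and reject boundaries that break the RFC 2046 limits (1 to 70 characters from the `bchars` set). The function name and the 256-character header cap are assumptions made for this sketch.

```python
import re

MAX_CONTENT_TYPE_LEN = 256  # assumption: generous cap for a legitimate header
MAX_BOUNDARY_LEN = 70       # RFC 2046, section 5.1.1

# RFC 2046 bchars; spaces are allowed inside a boundary but not as its last character.
_BOUNDARY_RE = re.compile(r"[0-9A-Za-z'()+_,\-./:=? ]{0,69}[0-9A-Za-z'()+_,\-./:=?]")


def validate_multipart_boundary(content_type):
    """Return (ok, reason). Call this before any multipart body parsing."""
    # Cheap length check first, so oversized headers are never parsed at all.
    if len(content_type) > MAX_CONTENT_TYPE_LEN:
        return False, "content-type header too long"
    media_type, _, params = content_type.partition(";")
    if not media_type.strip().lower().startswith("multipart/"):
        return True, "not multipart"
    boundaries = []
    for part in params.split(";"):
        name, sep, value = part.partition("=")
        if sep and name.strip().lower() == "boundary":
            boundaries.append(value.strip())
    if len(boundaries) != 1:
        return False, "expected exactly one boundary parameter"
    value = boundaries[0]
    if value.startswith('"'):
        if len(value) < 2 or not value.endswith('"'):
            return False, "unterminated quoted boundary"
        value = value[1:-1]
    if len(value) > MAX_BOUNDARY_LEN:
        return False, "boundary longer than 70 characters"
    if not _BOUNDARY_RE.fullmatch(value):
        return False, "boundary is empty or has characters outside RFC 2046 bchars"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample headers, not captured traffic.
    samples = [
        "multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW",
        "multipart/form-data; boundary=" + "x" * 71,
        "multipart/form-data; boundary=abc" + "-" * 5000,
    ]
    for header in samples:
        print(validate_multipart_boundary(header), header[:60])
```

A request that fails the check can be answered with HTTP 400 without reading the body.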

Patch Details
  • Fixed Version: N/A
  • Patch Commit: N/A