cvedb.io
CVE-2024-3153
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2024-06-06T19:16:00.600 · Last modified 2026-06-17T07:43:24.977

Summary

mintplex-labs/anything-llm is affected by an uncontrolled resource consumption vulnerability in its upload file endpoint, leading to a denial of service (DOS) condition. Specifically, the server can be shut down by sending an invalid upload request. An attacker with the ability to upload documents can exploit this vulnerability to cause a DOS condition by manipulating the upload request.

Affected products

mintplexlabs — anythingllm

Does this affect you?

Add your gear to cvedb and we'll alert you only when mintplexlabs ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.