Security Advisory

CVE-2024-11169

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-20 10:09:59
Last updated 2025-03-20 18:32:06
Assigner @huntr_ai
State PUBLISHED

Description

An unhandled exception in danny-avila/librechat version 3c94ff2 can lead to a server crash. The issue occurs when the fs module throws an exception while handling file uploads. An unauthenticated user can trigger this exception by sending a specially crafted request, causing the server to crash. The vulnerability is fixed in version 0.7.6.