How severe is CVE-2024-32874?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.8 out of 10.

What type of vulnerability is CVE-2024-32874?

This is classified as CWE-770, which is a common weakness in software security.

CVE-2024-32874 - MEDIUM Severity | CVSS 6.8

Vulnerability Description

Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. Below 0.13.2 Release, when uploading a file or retrieving the filename, a user may intentionally use a large Unicode filename which would lead to a application-level denial of service. This is due to no limitation set on the length of the filename and the costy use of the Unicode normalization with the form NFKD under the hood of `secure_filename()`.

Related Vulnerabilities

CVE-2023-2666

MEDIUM

CVSS:6.8(Medium)

Allocation of Resources Without Limits or Throttling in GitHub repository froxlor/froxlor prior to 2.0.16.

CWE-7702023

CVE-2024-28102

MEDIUM

CVSS:6.8(Medium)

JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high...

CWE-7702024

CVE-2017-0612

HIGH

CVSS:7.0(High)

An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the ...

CWE-7702017

CVE-2024-34027

HIGH

CVSS:7.0(High)

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock It needs to cover {reserve,release}_compress_block...

CWE-7702024

CVE-2017-11525

MEDIUM

CVSS:6.5(Medium)

The ReadCINImage function in coders/cin.c in ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1 allows remote attackers to cause a denial of service (memory consumption) via a crafted file.

CWE-7702017

CVE-2017-12432

MEDIUM

CVSS:6.5(Medium)

In ImageMagick 7.0.6-1, a memory exhaustion vulnerability was found in the function ReadPCXImage in coders/pcx.c, which allows attackers to cause a denial of service.

CWE-7702017