CVE-2024-10344

Summary

In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the refuse function was identified. Reported by Karol Więsek.

Affected Software

VendorProductVersion RangeStatus
HelixHelix Core0.0.0 < 2024.2affected
HelixHelix Core0.0.0 < 2024.1affected
HelixHelix Core0.0.0 < 2023.2affected
HelixHelix Core0.0.0 < 2023.1affected
HelixHelix Core0.0.0 < 2022.2affected

Weaknesses

  • CWE-400: CWE-400 Uncontrolled Resource Consumption

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References