Primary

Context

Deluge Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Deluge version 1.3.15. This vulnerability allows local attackers to crash the application by entering an excessively long string, specifically a buffer of 5000 characters, into the 'From URL' field when adding a torrent. The application fails to handle the input properly, leading to a crash.

Impact

Exploiting this vulnerability causes the Deluge application to crash, disrupting any ongoing tasks or processes within the application.

Reproduction

To reproduce this vulnerability, first create a text file containing a 5000-character buffer of repeated 'A' characters. After saving this file, open Deluge and navigate to the 'Add Torrent' option. In the 'From URL' field, paste the contents of the text file. Once the buffer is pasted, click 'OK' to add the torrent. The application will crash shortly after this step.

Added: Mar 22, 2026, 1:24 AM

Updated: Mar 22, 2026, 1:24 AM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

4.8

remediation

0.0

relevance

4.6

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

2.5

exploitability

4.8

remediation

0.0

relevance

4.6

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Deluge Denial-of-Service Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

Deluge

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating