Low severityNVD Advisory· Published Jan 27, 2025· Updated Apr 15, 2026
CVE-2025-24369
CVE-2025-24369
Description
Anubis is a tool that allows administrators to protect bots against AI scrapers through bot-checking heuristics and a proof-of-work challenge to discourage scraping from multiple IP addresses. Anubis allows attackers to bypass the bot protection by requesting a challenge, formulates any nonce (such as 42069), and then passes the challenge with difficulty zero. Commit e09d0226a628f04b1d80fd83bee777894a45cd02 fixes this behavior by not using a client-specified difficulty value.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- osv-coords4 versionspkg:rpm/opensuse/anubis&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Tumbleweedpkg:rpm/suse/govulncheck-vulndb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6
< 1.24.0-1.1+ 3 more
- (no CPE)range: < 1.24.0-1.1
- (no CPE)range: < 0.0.20250207T224745-150000.1.32.1
- (no CPE)range: < 0.0.20250130T185858-1.1
- (no CPE)range: < 0.0.20250207T224745-150000.1.32.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.