CVE-2025-3677 lm-sys fastchat apply_delta.py apply_delta_low_cpu_mem deserialization

A vulnerability classified as critical was found in lm-sys fastchat up to 0.2.36. This vulnerability affects the function splitfiles/applydeltalowcpumem of the file fastchat/model/applydelta.py. The manipulation leads to deserialization. An attack has to be approached locally...

CVE-2025-3677 lm-sys fastchat apply_delta.py apply_delta_low_cpu_mem deserialization

A vulnerability classified as critical was found in lm-sys fastchat up to 0.2.36. This vulnerability affects the function splitfiles/applydeltalowcpumem of the file fastchat/model/applydelta.py. The manipulation leads to deserialization. An attack has to be approached locally...

FastChat 代码问题漏洞

FastChat is an open source platform from LMSYS for training, deploying and evaluating chatbots based on large language models. A code issue vulnerability exists in FastChat version 0.2.36 and earlier, which stems from a deserialization issue in the splitfiles/applydeltalowcpumem function in the...

SUSE CVE-2015-0838

Buffer overflow in the C implementation of the applydelta function in pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file...

CVE-2015-0838

Dulwich (Python Git library) is affected by a buffer overflow in the C implementation of apply_delta in _pack.c, impacting versions before 0.9.9 and enabling remote code execution via a crafted pack file. Mitigation: upgrade to Dulwich 0.9.9+ (e.g., 0.10.0 per Mageia advisory) or apply provided s...

PT-2015-4907 · Dulwich · Dulwich

Name of the Vulnerable Software and Affected Versions: Dulwich versions prior to 0.9.9 Description: The issue is related to a buffer overflow in the C implementation of the apply delta function in pack.c. This allows remote attackers to execute arbitrary code via a crafted pack file...