10 matches found
EUVD-2024-33573
Malicious code in bioql PyPI...
EUVD-2025-6871
Malicious code in bioql PyPI...
CVE-2024-9309
A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in haotian-liu/llava version v1.2.0 LLaVA-1.6. This vulnerability allows attackers to exploit the victim Controller API Server's credentials to perform unauthorized...
CVE-2024-9309
A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in haotian-liu/llava version v1.2.0 LLaVA-1.6. This vulnerability allows attackers to exploit the victim Controller API Server's credentials to perform unauthorized...
CVE-2024-9309
A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in haotian-liu/llava version v1.2.0 LLaVA-1.6. This vulnerability allows attackers to exploit the victim Controller API Server's credentials to perform unauthorized...
CVE-2024-9309 SSRF in POST /worker_generate_stream API endpoint in haotian-liu/llava
A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in haotian-liu/llava version v1.2.0 LLaVA-1.6. This vulnerability allows attackers to exploit the victim Controller API Server's credentials to perform unauthorized...
CVE-2024-9309
CVE-2024-9309 is a Server-Side Request Forgery (SSRF) affecting the Controller API Server of haotian-liu/llava v1.2.0 (LLaVA-1.6). The vulnerability exists in the POST /worker_generate_stream endpoint and could allow an attacker to leverage the server’s credentials to perform unauthorized web act...
CVE-2024-10044
A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit e208d5677c6837d590b81cb03847c0b9de100765. This vulnerability allows attackers to exploit the victim controller API server's...
CVE-2024-10044
A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit e208d5677c6837d590b81cb03847c0b9de100765. This vulnerability allows attackers to exploit the victim controller API server's...
CVE-2024-10044 SSRF in POST /worker_generate_stream API endpoint in lm-sys/fastchat
A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit e208d5677c6837d590b81cb03847c0b9de100765. This vulnerability allows attackers to exploit the victim controller API server's...