4 matches found
CVE-2024-10044
A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit e208d5677c6837d590b81cb03847c0b9de100765. This vulnerability allows attackers to exploit the victim controller API server's...
data-agora (=0.1.1), dtx (>=0.31.0 <=0.34.0) +10 more potentially affected by CVE-2024-10044 via fastchat (=0.1.0)
fastchat PYPI version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on fastchat and may be impacted: - data-agora =0.1.1 - dtx =0.31.0, =0.2.0, =0.18.3, =0.0.2, =0.4.0, =0.0.1, =0.1.3, =0.1.0, =0.1.0, =0.1.1 Source cves: CVE-2024-10044 Source...
CVE-2024-10044
A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit e208d5677c6837d590b81cb03847c0b9de100765. This vulnerability allows attackers to exploit the victim controller API server's...
CVE-2024-10044 SSRF in POST /worker_generate_stream API endpoint in lm-sys/fastchat
A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit e208d5677c6837d590b81cb03847c0b9de100765. This vulnerability allows attackers to exploit the victim controller API server's...