3 matches found
CVE-2024-10912
A Denial of Service DoS vulnerability exists in the file upload feature of lm-sys/fastchat version 0.2.36. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. An attacker can exploit this by sending a payload with an excessively large...
agentverse (=0.1.8.1), airoboros (=2.1.1) +35 more potentially affected by CVE-2024-10912 via fschat (>=0.2.2 <=0.2.36)
fschat PYPI version =0.2.2, =0.3.0, =0.0.1, =1.1.0, =0.1.1, =0.1.1, =0.9.0.8, =0.1.1, =0.1.8 and more Source cves: CVE-2024-10912 Source advisory: OSV:GHSA-79RP-V9RM-GXM8...
CVE-2024-10912
CVE-2024-10912 affects lm-sys/fastchat 0.2.36. The DoS arises from improper handling of multipart/form-data with a very large filename in the file upload path, per Red Hat/NVD/CVE records and related advisories. An attacker can exhaust server resources by sending a payload with an oversized filen...