3 matches found
CVE-2024-9309
A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in haotian-liu/llava version v1.2.0 LLaVA-1.6. This vulnerability allows attackers to exploit the victim Controller API Server's credentials to perform unauthorized...
CVE-2024-9309
creationtimestamp| type| source ---|---|--- 2025-03-20 11:40:53+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmi34chk2v 2025-03-20 12:48:39+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114194836150364747...
CVE-2024-9309
A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in haotian-liu/llava version v1.2.0 LLaVA-1.6. This vulnerability allows attackers to exploit the victim Controller API Server's credentials to perform unauthorized...