5 matches found
CVE-2025-0187
A Denial of Service DoS vulnerability was discovered in the file upload feature of gradio-app/gradio version 0.39.1. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large filename, the server...
CVE-2024-10912
A Denial of Service DoS vulnerability exists in the file upload feature of lm-sys/fastchat version 0.2.36. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. An attacker can exploit this by sending a payload with an excessively large...
CVE-2024-12063 Denial of Service in imartinez/privategpt
A Denial of Service DoS vulnerability exists in the file upload feature of imartinez/privategpt version v0.6.2. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. An attacker can exploit this by sending a payload with an excessively large...
CVE-2024-12070 Denial of Service in haotian-liu/llava
A Denial of Service DoS vulnerability exists in the file upload feature of haotian-liu/llava, specifically in Release v1.2.0 LLaVA-1.6. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. By sending a payload with an excessively large...
CVE-2025-0187
The CVE-2025-0187 concerns gradio-app/gradio 0.39.1, where the file upload endpoint mishandles form-data with an excessively large filename. This causes a DoS by overwhelming the server, leading to unavailability for legitimate users. The vulnerability is tied to the /upload handling and results ...