ГлавнаяУязвимости → CVE-2024-12065
7.5высокая

CVE-2024-12065

Описание

A local file inclusion vulnerability exists in haotian-liu/llava at commit c121f04. This vulnerability allows an attacker to access any file on the system by sending multiple crafted requests to the server. The issue is due to improper input validation in the gradio web UI component.

Затрагиваемое ПО
Hliu Llava
CVSS
Балл7.5 — высокая
ВекторCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://huntr.com/bounties/0594503c-038f-401c-9127-08be32bfd682