Fastchat
Monthly
Information disclosure in lm-sys FastChat up to version 0.2.36 allows remote unauthenticated attackers to manipulate the add_text function in the Arena Side-by-Side View Handler, resulting in incorrect control flow that exposes sensitive data. The vulnerability has publicly available exploit code and affects the web-based arena comparison interface. A partial fix was applied in commit 34eca62 to gradio_block_arena_named.py, but three additional affected files remain unpatched.
Resource exhaustion in lm-sys FastChat up to version 0.2.36 allows remote attackers to trigger a denial of service by sending manipulated requests to the Worker API Endpoint's api_generate function. The vulnerability has publicly available exploit code and is confirmed patched upstream, though the fix in commit c9e84b89c91d45191dc24466888de526fa04cf33 addresses only the primary entry point in base_model_worker.py while missing other vulnerable code paths. An EPSS score of 5.5 (CVSS 4.0) indicates a low to moderate real-world exploitation probability despite public exploit availability.
A Server-Side Request Forgery (SSRF) vulnerability was identified in the lm-sys/fastchat web server, specifically in the affected version git 2c68a13. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, requires no authentication, and has low attack complexity. Public exploit code is available and no vendor patch is available.
A Server-Side Request Forgery (SSRF) vulnerability exists in lm-sys/fastchat version 0.2.36. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, requires no authentication, and has low attack complexity. Public exploit code is available and no vendor patch is available.
A Denial of Service (DoS) vulnerability exists in the file upload feature of lm-sys/fastchat version 0.2.36. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, requires no authentication, and has low attack complexity. Public exploit code is available and no vendor patch is available.
An open redirect vulnerability in lm-sys/fastchat Release v0.2.36 allows a remote unauthenticated attacker to redirect users to arbitrary websites via a specially crafted URL. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, requires no authentication, and has low attack complexity. Public exploit code is available and no vendor patch is available.
In lm-sys/fastchat Release v0.2.36, the server fails to handle excessive characters appended to the end of multipart boundaries. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, requires no authentication, and has low attack complexity. Public exploit code is available and no vendor patch is available.