📦 Llava

This SSRF vulnerability in LLaVA's Controller API Server allows attackers to make the server send unauthorized requests to internal or external systems using its credentials. It affects anyone running...

This Server-Side Request Forgery (SSRF) vulnerability in haotian-liu/llava allows attackers to make the server send HTTP requests to arbitrary internal URLs. This could expose sensitive server-side re...

A local file inclusion vulnerability in haotian-liu/llava's Gradio web UI allows attackers to read arbitrary files on the server by sending specially crafted requests. This affects systems running vul...

An open redirect vulnerability in haotian-liu/llava v1.2.0 allows attackers to redirect users to malicious websites via crafted URLs. This affects all users of LLaVA-1.6 who access the vulnerable inte...