CWE-76
Improper Neutralization of Equivalent Special Elements
Description
The product correctly neutralizes certain special elements, but it improperly neutralizes equivalent special elements.
Hierarchy (View 1000)
Parents
Children
none
CVEs mapped to this weakness (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-34359 | | Cri | 0.58 | 9.6 | 0.28 | | May 14, 2024 | llama-cpp-python is the Python bindings for llama.cpp. `llama-cpp-python` depends on class `Llama` in `llama.py` to load `.gguf` llama.cpp or Latency Machine Learning Models. The `__init__` constructor built in the `Llama` takes several parameters to configure the loading and… |
| CVE-2024-2952 | | — | 0.00 | — | 0.01 | | Apr 10, 2024 | BerriAI/litellm is vulnerable to Server-Side Template Injection (SSTI) via the `/completions` endpoint. The vulnerability arises from the `hf_chat_template` method processing the `chat_template` parameter from the `tokenizer_config.json` file through the Jinja template engine… |
| CVE-2023-0493 | | | 0.00 | — | 0.08 | | Jan 26, 2023 | Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5. |