Files
sglang/docs/security/acknowledgements.md
thelongestusernameofall 49afb3d9d9 Fix(security): block unsafe pickle deserialization to mitigate CVE-2025-10164 (#11909)
Co-authored-by: Chengxing Xie <xiechengxing34@gmail.com>
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2025-10-23 19:12:40 -07:00

732 B

Time CVE ID Credit to Affected Versions Severity Impact Description
2025-09-09 CVE-2025-10164 Simon Huang, pjf ≥ 0.4.6 & ≤ 0.5.3 Critical Remote Code Execution A security flaw exists in lmsys sglang versions ≥ 0.4.6 and ≤ 0.5.3. The vulnerability arises from the use of unsafe pickle deserialization of the serialized_named_tensors parameter in the /update_weights_from_tensor API endpoint, which could allow a remote attacker to execute arbitrary code on the server by sending a specially crafted payload.