Browse all 8 CVE security advisories affecting haotian-liu. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Haotian-liu is a security researcher focused on identifying vulnerabilities in web applications and open-source software. Their work primarily centers on uncovering remote code execution, cross-site scripting, and privilege escalation flaws across various platforms. With 8 CVEs attributed to them, their research has highlighted critical weaknesses in popular development tools and frameworks. While no major security incidents are directly linked to their findings, their contributions have consistently addressed high-impact vulnerabilities that could lead to system compromise. Their work demonstrates a consistent focus on identifying and reporting security flaws that pose significant risks to enterprise and consumer applications.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-12070 | Denial of Service in haotian-liu/llava — haotian-liu/llavaCWE-400 | 7.5 | - | 2025-03-20 |
| CVE-2024-9308 | Open Redirect in haotian-liu/llava — haotian-liu/llavaCWE-601 | 6.1 | - | 2025-03-20 |
| CVE-2024-9311 | Cross-Site Request Forgery to XSS in haotian-liu/llava — haotian-liu/llavaCWE-352 | 8.1 | - | 2025-03-20 |
| CVE-2024-12065 | Local File Inclusion in haotian-liu/llava — haotian-liu/llavaCWE-22 | 7.5 | - | 2025-03-20 |
| CVE-2024-9309 | SSRF in POST /worker_generate_stream API endpoint in haotian-liu/llava — haotian-liu/llavaCWE-918 | 9.8 | - | 2025-03-20 |
| CVE-2024-12068 | Server-Side Request Forgery in haotian-liu/llava — haotian-liu/llavaCWE-918 | 7.5 | - | 2025-03-20 |
| CVE-2024-11449 | Server-Side Request Forgery in haotian-liu/llava — haotian-liu/llavaCWE-918 | 9.8 | - | 2025-03-20 |
| CVE-2024-10225 | Denial of Service in haotian-liu/llava — haotian-liu/llavaCWE-770 | 7.5 | - | 2025-03-20 |
This page lists every published CVE security advisory associated with haotian-liu. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.