GGUF-PY-F001 Evidence Pack - Nested ARRAY Recursion DoS
Finding
Python GGUFReader processes nested GGUF ARRAY metadata recursively. A crafted GGUF file with deeply nested ARRAY metadata triggers a Python RecursionError, causing Python-side model/tooling load failure.
Confirmed live-repo proof
The proof asserts that Python imports gguf from the live mounted repo:
gguf.__file__ = /target/gguf-py/gguf/__init__.py
GGUFReader source = /target/gguf-py/gguf/gguf_reader.py
The native binary used is from the live mounted repo:
/target/build/bin/llama-gguf
- version: 9046 (a290ce626)
Confirmed crafted file
The PoC GGUF contains:
- magic: GGUF
- version: 3
- n_tensors: 0
- n_kv: 1
- one metadata key
- deeply nested ARRAY metadata
Confirmed Python behavior
Python live-repo GGUFReader raises RecursionError while loading the crafted file.
Expected security impact
This is not RCE. The impact is Python-side denial of service / malformed model processing failure in tooling, scanning, or ingestion paths that use gguf-py to inspect externally supplied GGUF files.
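An added example, not part of this evidence pack or of gguf-py: an ingestion-side pre-check that walks the GGUF metadata with an explicit stack and rejects files whose ARRAY nesting exceeds a limit, before the file reaches a recursive reader. It assumes the little-endian GGUF v3 layout listed above; `max_array_depth`, `GGUFRejected`, the default limit of 8 and `SAMPLE` are names and values chosen here.

```python
import struct

ARRAY, STRING = 9, 8  # GGUF metadata value-type ids
# Byte widths of the fixed-size GGUF scalar types, keyed by value-type id.
SIZES = {0: 1, 1: 1, 2: 2, 3: 2, 4: 4, 5: 4, 6: 4, 7: 1, 10: 8, 11: 8, 12: 8}

class GGUFRejected(ValueError):
    """File is malformed or nests ARRAY metadata beyond the allowed depth."""

def max_array_depth(buf, limit=8):
    """Return the deepest ARRAY nesting in the metadata, using no recursion."""
    pos = 4  # cursor; the magic occupies bytes 0..3
    def advance(n):  # bounds-checked cursor move, returns the old offset
        nonlocal pos
        if n > len(buf) - pos:
            raise GGUFRejected("truncated")
        pos += n
        return pos - n
    def num(fmt):  # read one little-endian integer field
        return struct.unpack_from(fmt, buf, advance(struct.calcsize(fmt)))[0]
    if buf[:4] != b"GGUF" or num("<I") != 3:
        raise GGUFRejected("not a GGUF v3 file")
    num("<Q")  # n_tensors, not needed for the metadata walk
    deepest = 0
    for _ in range(num("<Q")):  # n_kv
        advance(num("<Q"))  # key string
        stack = [[num("<I"), 1]]  # frames of [element type, elements left]
        while stack:
            vtype, left = stack[-1]
            if left == 0:
                stack.pop()
                continue
            stack[-1][1] = left - 1
            if vtype == ARRAY:
                if len(stack) > limit:
                    raise GGUFRejected("ARRAY nesting exceeds limit")
                deepest = max(deepest, len(stack))
                stack.append([num("<I"), num("<Q")])
            elif vtype == STRING:
                advance(num("<Q"))
            elif vtype in SIZES:
                stack[-1][1] = 0
                advance(SIZES[vtype] * left)  # skip the whole scalar run
            else:
                raise GGUFRejected("unknown value type")
    return deepest

# Constructed sample: one key "k" whose value is [[1, 2]] (ARRAY of ARRAY of UINT32).
SAMPLE = (b"GGUF" + struct.pack("<IQQQ", 3, 0, 1, 1) + b"k" + struct.pack("<I", ARRAY)
          + struct.pack("<IQIQII", ARRAY, 1, 4, 2, 1, 2))
```

Every element consumes input bytes or raises, so the walk is bounded by the file size even when `n_kv` or an array count is set to an implausibly large value.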
Non-claims
This pack does not claim native C++ memory corruption, RCE, privilege escalation, or data exfiltration.