YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
GGUF Recursive Array DoS (CWE-674)
Security Research PoC โ Do not use in production
Vulnerability
The GGUF Python library (gguf on PyPI) crashes with RecursionError when parsing
a crafted GGUF file containing deeply nested ARRAY metadata.
Reproduction
pip install gguf==0.18.0
python3 poc.py
Files
nested_array_dos.ggufโ Malicious 13KB GGUF file with 1100 nested arrayspoc.pyโ PoC that generates and triggers the crash
Impact
Denial of Service on any Python application using GGUFReader with untrusted files.
- Downloads last month
- 10
Hardware compatibility
Log In to add your hardware
We're not able to determine the quantization variants.
Inference Providers NEW
This model isn't deployed by any Inference Provider. ๐ Ask for provider support