Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
GuanxingLu vlarl ZeroMQ reasoning_server.py run_reasoning_server deserialization
Vulnerability Description
A vulnerability was found in GuanxingLu vlarl up to 31abc0baf53ef8f5db666a1c882e1ea64def2997. This vulnerability affects the function experiments.robot.bridge.reasoning_server::run_reasoning_server of the file experiments/robot/bridge/reasoning_server.py of the component ZeroMQ. Performing manipulation of the argument Message results in deserialization. Remote exploitation of the attack is possible. The exploit has been made public and could be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
可信数据的反序列化
Vulnerability Title
VLA-RL 代码问题漏洞
Vulnerability Description
VLA-RL是lg(x)个人开发者的一个视觉语言动作模型。 VLA-RL存在代码问题漏洞,该漏洞源于对文件experiments/robot/bridge/reasoning_server.py中参数Message的错误操作,可能导致反序列化攻击。
CVSS Information
N/A
Vulnerability Type
N/A