Homepage

sglang@0.5.11

SGLang is a fast serving framework for large language models and vision language models.

  • latest version

    0.5.12

  • first published

    2 years ago

  • latest version published

    1 days ago

  • licenses detected

  • View sglang package health on Snyk  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the sglang package. This does not include vulnerabilities belonging to this package’s dependencies.

    Fix vulnerabilities automatically

    Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

    sglang is a SGLang is a fast serving framework for large language models and vision language models.

    Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') via the get_tokenizer function in the HuggingFace Transformer Handler component. An attacker can achieve unauthorized access to sensitive information, modify data, or disrupt application functionality by providing specially crafted input that leads to unsafe deserialization.

    How to fix Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')?

    There is no fixed version for sglang.

    [0.5.10rc0,)
    • H
    Arbitrary Code Injection

    sglang is a SGLang is a fast serving framework for large language models and vision language models.

    Affected versions of this package are vulnerable to Arbitrary Code Injection via the reranking endpoint when a model file containing a malicious tokenizer.chat_template is loaded, due to rendering Jinja2 chat templates using an unsandboxed jinja2.Environment. An attacker can execute arbitrary code by supplying a crafted model file with a malicious template.

    How to fix Arbitrary Code Injection?

    There is no fixed version for sglang.

    [0,)
    • C
    Deserialization of Untrusted Data

    sglang is a SGLang is a fast serving framework for large language models and vision language models.

    Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the use of the pickle.loads function. An attacker can execute arbitrary code by sending malicious serialized payloads to the exposed ZMQ REP socket, as received data is deserialized without authentication, message validation, or transport protection. This allows malicious pickle payloads to be executed immediately upon deserialization.

    How to fix Deserialization of Untrusted Data?

    There is no fixed version for sglang.

    [0.5.5,)
    • C
    Deserialization of Untrusted Data

    sglang is a SGLang is a fast serving framework for large language models and vision language models.

    Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the encode_receiver.py message handling logic in the encoder parallel disaggregation system. An attacker can execute arbitrary code by sending crafted payloads to the ZMQ socket when the encoder_transfer_backend zmq_to_scheduler option is enabled. The receiver binds to tcp://* and directly passes received data to pickle.loads() without authentication or validation, allowing malicious serialized objects to be deserialized and executed.

    How to fix Deserialization of Untrusted Data?

    There is no fixed version for sglang.

    [0,)
    Go back to all versions of this package