| 标题 | chatchat-space Langchain-Chatchat 0.3.1.3 TOCTOU Race Condition / CWE-367 |
|---|
| 描述 | A vulnerability was found in chatchat-space Langchain-Chatchat 0.3.1.3. Affected by this vulnerability is the function files() of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py (lines 260–284) of the component OpenAI-Compatible File Upload API. The manipulation of the argument file.filename leads to a time-of-check time-of-use (TOCTOU) race condition. Files are stored using open(path, "wb") at a path derived solely from purpose, date, and filename, with no conflict detection, deduplication, or per-user isolation. A second upload with the same filename silently overwrites the first. Because the Vision LLM fetches images from disk in real-time via GET /v1/files/{id}/content with no content pinning, the LLM may receive an attacker-controlled image instead of the victim's original upload within the race condition window. The attack may be initiated remotely with low privileges in a multi-tenant deployment. The exploit has been disclosed to the public. It is recommended to introduce a random UUID component in the file storage path and implement content pinning at upload time. |
|---|
| 来源 | ⚠️ https://github.com/chatchat-space/Langchain-Chatchat/issues/5463 |
|---|
| 用户 | Dem00 (UID 84913) |
|---|
| 提交 | 2026-04-19 10時21分 (2 月前) |
|---|
| 管理 | 2026-05-05 12時21分 (16 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 361125 [chatchat-space Langchain-Chatchat 直到 0.3.1.3 OpenAI-Compatible File Upload API openai_routes.py files file.filename 竞争条件] |
|---|
| 积分 | 20 |
|---|