Allocation of Resources Without Limits or Throttling

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of upper bound validation on the n parameter in the request handling process. A...

Improper Restriction of Communication Channel to Intended Endpoints

Overview fastcrud is a FastCRUD is a Python package for FastAPI, offering robust async CRUD operations and flexible endpoint creation utilities. Affected versions of this package are vulnerable to Improper Restriction of Communication Channel to Intended Endpoints due to improper handling of the...

PT-2024-30530 · Boa · Boa

Name of the Vulnerable Software and Affected Versions: Boa versions 0.16 through 0.19.0 Description: A wrong assumption in Boa's implementation of AsyncGenerator can cause an uncaught exception on certain scripts. This occurs because the state of an AsyncGenerator object is assumed not to change...

PT-2022-20885 · Unknown · Pinniped Supervisor

Name of the Vulnerable Software and Affected Versions: Pinniped Supervisor versions prior to 0.19.0 Description: An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor. A user authenticating to Kubernetes clusters via the Pinniped Supervisor could potentially use their...

PT-2020-5744 · Sddm +2 · Sddm +2

Name of the Vulnerable Software and Affected Versions: SDDM versions prior to 0.19.0 Description: The issue is related to the incorrect start of the X server by SDDM, allowing local unprivileged users to create a connection to the X server without proper authentication for a short time period. Th...