EUVD-2024-2887

Malicious code in bioql PyPI...

GHSA-WC36-9694-F9RF vLLM Denial of Service via the best_of parameter

A vulnerability was found in the ilab model serve component, where improper handling of the bestof parameter in the vllm JSON web API can lead to a Denial of Service DoS. The API used for LLM-based sentence or chat completion accepts a bestof parameter to return the best completion from several...

vLLM Denial of Service via the best_of parameter

A vulnerability was found in the ilab model serve component, where improper handling of the bestof parameter in the vllm JSON web API can lead to a Denial of Service DoS. The API used for LLM-based sentence or chat completion accepts a bestof parameter to return the best completion from several...

CVE-2024-8939

A vulnerability was found in the ilab model serve component, where improper handling of the bestof parameter in the vllm JSON web API can lead to a Denial of Service DoS. The API used for LLM-based sentence or chat completion accepts a bestof parameter to return the best completion from several...

CVE-2024-8939

CVE-2024-8939 affects the ilab model serve component, specifically the vllm JSON web API. Improper handling of the optional best_of parameter when set to a large value can exhaust resources and cause a Denial of Service, rendering the API unresponsive to legitimate users. Exploitation details in ...

vLLM 资源管理错误漏洞

vLLM is a vLLM open source high throughput and memory efficient reasoning and service engine for LLM. A resource management error vulnerability exists in vLLM 0.5.0.post1 and prior versions, which stems from mishandling the bestof parameter in the vLLM JSON web API, resulting in a denial of servi...