vLLM 代码问题漏洞

vLLM is a vLLM open source high throughput and memory efficient inference and service engine for LLM. A code issue vulnerability exists in vLLM that stems from insufficient restriction of the target host for user-supplied URLs in the loadfromurl and loadfromurlasync methods of the MediaConnector...

PT-2016-5042 · Apache +1 · Apache Qpid Proton +1

Name of the Vulnerable Software and Affected Versions: Apache Qpid Proton versions prior to 0.12.1 Description: The issue is related to the improper use of an unencrypted connection for an amqps URI scheme when SSL support is unavailable in certain classes. This might allow attackers to obtain...