6 matches found
CVE-2025-48944 vulnerabilities
Vulnerabilities for packages: py3.10-vllm-cuda-11.8, tritonserver-backend-vllm...
CVE-2025-48944
A denial of service flaw was found in vLLM. This flaw allows a remote attacker with access to /v1/chat/completions OpenAPI endpoint to submit malformed data in the "pattern" and "type" fields to crash the vLLM instance. Mitigation Mitigation for this issue is either not available or the currently...
CVE-2025-48944
vLLM (inference/serving engine) is affected when running versions 0.8.0 up to but excluding 0.9.0 with the /v1/chat/completions OpenAPI endpoint. The root cause is lack of validation for unexpected or malformed inputs in the pattern and type fields when the tools functionality is invoked, allowin...
CVE-2025-48944 vLLM Tool Schema allows DoS via Malformed pattern and type Fields
vLLM is an inference and serving engine for large language models LLMs. In version 0.8.0 up to but excluding 0.9.0, the vLLM backend used with the /v1/chat/completions OpenAPI endpoint fails to validate unexpected or malformed input in the "pattern" and "type" fields when the tools functionality ...
CVE-2025-48944 vLLM Tool Schema allows DoS via Malformed pattern and type Fields
vLLM is an inference and serving engine for large language models LLMs. In version 0.8.0 up to but excluding 0.9.0, the vLLM backend used with the /v1/chat/completions OpenAPI endpoint fails to validate unexpected or malformed input in the "pattern" and "type" fields when the tools functionality ...
CVE-2025-48944
creationtimestamp| type| source ---|---|--- 2025-05-28 17:28:13+00:00| published-proof-of-concept| https://github.com/vllm-project/vllm/security/advisories/GHSA-vrq3-r879-7m65 2025-05-30 19:07:48+00:00| seen|...