10 matches found
CVE-2026-54235
vLLM is an inference and serving engine for large language models LLMs. Prior to 0.23.1rc0, ll temperature validation gates use comparison operators , which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagat...
SUSE CVE-2020-26890
Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients. If such a malformed event is accepted into th...
SUSE CVE-2021-29510
Pydantic is a data validation and settings management using Python type hinting. In affected versions passing either 'infinity', 'inf' or float'inf' or their negatives to datetime or date fields causes validation to run forever with 100% CPU usage on one CPU. Pydantic has been patched with fixes...
The vulnerability of Pydantic’s date fields in data analysis and verification processes, related to executing a loop with an unavailable exit condition, allows attackers to cause service failures.
The vulnerability of the date field in Pydantic’s data analysis and verification mechanisms is related to the incorrect handling of data types like infinity, inf, and float'inf' within the date field. Exploiting this vulnerability can allow an attacker to cause service failures...
DEBIAN-CVE-2021-29510
Pydantic is a data validation and settings management using Python type hinting. In affected versions passing either 'infinity', 'inf' or float'inf' or their negatives to datetime or date fields causes validation to run forever with 100% CPU usage on one CPU. Pydantic has been patched with fixes...
PYSEC-2021-47
Pydantic is a data validation and settings management using Python type hinting. In affected versions passing either 'infinity', 'inf' or float'inf' or their negatives to datetime or date fields causes validation to run forever with 100% CPU usage on one CPU. Pydantic has been patched with fixes...
UBUNTU-CVE-2021-29510
Pydantic is a data validation and settings management using Python type hinting. In affected versions passing either 'infinity', 'inf' or float'inf' or their negatives to datetime or date fields causes validation to run forever with 100% CPU usage on one CPU. Pydantic has been patched with fixes...
PYSEC-2021-47
Pydantic is a data validation and settings management using Python type hinting. In affected versions passing either 'infinity', 'inf' or float'inf' or their negatives to datetime or date fields causes validation to run forever with 100% CPU usage on one CPU. Pydantic has been patched with fixes...
PT-2021-4109 · Pypi +2 · Pydantic +2
Name of the Vulnerable Software and Affected Versions: Pydantic versions prior to v1.6.2 Pydantic versions prior to v1.7.4 Pydantic versions prior to v1.8.2 Description: The issue is related to the incorrect handling of 'infinity', 'inf', and float'inf' values in date fields, causing validation t...
libsndfile d2alaw_array() function out-of-bounds read vulnerability
Libsndfile is a C library for reading and writing files containing sampled sounds e.g. MS Windows WAV and Apple/SGI AIFF formats through a standard library interface. An out-of-bounds read vulnerability in the d2alawarray function in alaw.c in Libsndfile could lead to a remote denial-of-service...