4 matches found
vLLM: OpenAI auth bypass
Summary A vulnerability in ASGI web servers and starlette's trust on those web servers enables an authentication bypass of the OpenAI API AuthenticationMiddleware, which was discovered during @x41sec's source code audit. It allows to use the API without providing the configured VLLMAPIKEY or...
ALPINE-CVE-2023-3341
The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...
DEBIAN-CVE-2023-3341
The code that processes control channel messages sent to named calls certain functions recursively during packet parsing. Recursion depth is only limited by the maximum accepted packet size; depending on the environment, this may cause the packet-parsing code to run out of available stack memory,...
PT-2023-5449 · Isc +12 · Bind 9 +12
Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.2.0 through 9.16.43 BIND 9 versions 9.18.0 through 9.18.18 BIND 9 versions 9.19.0 through 9.19.16 BIND 9 versions 9.9.3-S1 through 9.16.43-S1 BIND 9 versions 9.18.0-S1 through 9.18.18-S1 Description: The code that processes...