Lucene search
K

4 matches found

OSV
OSV
added 2026/07/06 7:41 p.m.3 views

CVE-2026-55646 vLLM speech-to-text endpoints allocate full upload before enforcing the audio file-size limit

vLLM is an inference and serving engine for large language models. From 0.22.0 to 0.23.0, the /v1/audio/transcriptions and /v1/audio/translations routes call request.file.read to fully materialize an uploaded audio file into memory before vLLM checks the documented VLLMMAXAUDIOCLIPFILESIZEMB...

6.5CVSS6AI score0.00289EPSS
Exploits0References5
Snyk
Snyk
added 2025/08/12 12:30 p.m.1 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the profile picture upload. An attacker can cause significant service slowdowns by uploading a profile picture exceeding the intended size limit. Remediation Upgrade...

6.9CVSS7AI score0.00279EPSS
Exploits0References2
Snyk
Snyk
added 2025/08/12 12:30 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the profile picture upload. An attacker can cause significant service slowdowns by uploading a profile picture exceeding the intended size limit. Remediation Upgrade...

6.9CVSS7AI score0.00279EPSS
Exploits0References2
OSV
OSV
added 2020/05/20 8:15 a.m.4 views

DEBIAN-CVE-2019-11048

In PHP versions 7.2.x below 7.2.31, 7.3.x below 7.3.18 and 7.4.x below 7.4.6, when HTTP file uploads are allowed, supplying overly long filenames or field names could lead PHP engine to try to allocate oversized memory storage, hit the memory limit and stop processing the request, without cleanin...

5.3CVSS7AI score0.06264EPSS
Exploits1References1
Rows per page
Query Builder