4 matches found
Server-side Request Forgery (SSRF)
Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) when processing user-supplied URLs. An attacker can cause the server to send unauthorized requests to arbitrary internal or external services by submitting crafted URLs. Workaround: This vulnerability can...
EUVD-2025-16191
Malicious code in bioql PyPI...
CVE-2025-48887 vLLM has a Regular Expression Denial of Service (ReDoS, Exponential Complexity) Vulnerability in `pythonic_tool_parser.py`
vLLM, an inference and serving engine for large language models (LLMs), has a Regular Expression Denial of Service (ReDoS) vulnerability in the file vllm/entrypoints/openai/toolparsers/pythonic_tool_parser.py of versions 0.6.4 up to but excluding 0.9.0. The root cause is the use of a highly complex and...
CVE-2025-48887 vLLM has a Regular Expression Denial of Service (ReDoS, Exponential Complexity) Vulnerability in `pythonic_tool_parser.py`
vLLM, an inference and serving engine for large language models (LLMs), has a Regular Expression Denial of Service (ReDoS) vulnerability in the file vllm/entrypoints/openai/toolparsers/pythonic_tool_parser.py of versions 0.6.4 up to but excluding 0.9.0. The root cause is the use of a highly complex and...