Lucene search
K

5 matches found

Snyk
Snyk
added 2026/03/09 10:39 p.m.2 views

Server-side Request Forgery (SSRF)

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Server-side Request Forgery SSRF via inconsistent URL parsing between the validation layer and the HTTP client in the loadfromurl and loadfromurlasy...

9.8CVSS5.8AI score0.00485EPSS
Exploits1References2
Chainguard
Chainguard
added 2025/06/03 1:15 a.m.7 views

GHSA-GGPF-24JW-3FCW vulnerabilities

Vulnerabilities for packages: tritonserver-backend-vllm...

7.5AI score
Exploits0
Snyk
Snyk
added 2025/05/28 5:50 p.m.3 views

Regular Expression Denial of Service (ReDoS)

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS in multiple locations in the code. An attacker can cause a denial of service by supplying specially craft...

6.9CVSS6.8AI score
Exploits0References2
Snyk
Snyk
added 2025/05/28 5:49 p.m.6 views

Regular Expression Denial of Service (ReDoS)

Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS through the pythonictoolparser.py. An attacker can cause severe performance degradation or make the servi...

6.9CVSS6.8AI score0.00426EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/02/09 8:24 p.m.12 views

CVE-2025-25183

A flaw was found in the vllm package. Maliciously constructed statements can lead to hash collisions, resulting in cache reuse, which can interfere with subsequent responses and cause unintended behavior. The impact of a collision would be using a cache that was generated using different content...

2.6CVSS3.4AI score0.00184EPSS
Exploits0References9
Rows per page
Query Builder