5 matches found
EUVD-2025-16353
Malicious code in bioql PyPI...
CVE-2025-48944 vLLM Tool Schema allows DoS via Malformed pattern and type Fields
vLLM is an inference and serving engine for large language models LLMs. In version 0.8.0 up to but excluding 0.9.0, the vLLM backend used with the /v1/chat/completions OpenAPI endpoint fails to validate unexpected or malformed input in the "pattern" and "type" fields when the tools functionality ...
CVE-2025-48944 vLLM Tool Schema allows DoS via Malformed pattern and type Fields
vLLM is an inference and serving engine for large language models LLMs. In version 0.8.0 up to but excluding 0.9.0, the vLLM backend used with the /v1/chat/completions OpenAPI endpoint fails to validate unexpected or malformed input in the "pattern" and "type" fields when the tools functionality ...
CVE-2025-48944
vLLM (inference/serving engine) is affected when running versions 0.8.0 up to but excluding 0.9.0 with the /v1/chat/completions OpenAPI endpoint. The root cause is lack of validation for unexpected or malformed inputs in the pattern and type fields when the tools functionality is invoked, allowin...
GHSA-VRQ3-R879-7M65 vLLM Tool Schema allows DoS via Malformed pattern and type Fields
Summary The vLLM backend used with the /v1/chat/completions OpenAPI endpoint fails to validate unexpected or malformed input in the "pattern" and "type" fields when the tools functionality is invoked. These inputs are not validated before being compiled or parsed, causing a crash of the inference...