VYPR

apk package

chainguard/vllm-cuda-13.2

pkg:apk/chainguard/vllm-cuda-13.2

Vulnerabilities (7)

  • CVE-2026-54233Jun 17, 2026
    affected < 0.24.0-r0fixed 0.24.0-r0

    ### Summary vLLM's `/v1/audio/transcriptions` endpoint limits compressed upload size but not decoded PCM output. A 25MB OPUS file expands to ~14.9GB of float32 PCM at decode time. Tested on vLLM v0.19.0. ### Details `SpeechToTextProcessor` rejects uploads over `VLLM_MAX_AUDIO_CL

  • CVE-2026-54236Jun 17, 2026
    affected < 0.24.0-r0fixed 0.24.0-r0

    # vLLM: incomplete CVE-2026-22778 fix leaks PIL repr addresses via the Anthropic API router **Researcher:** Kai Aizen — SnailSploit (@SnailSploit), Adversarial & Offensive Security Research **Severity:** CVSS 3.1 5.3 (Medium) `AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N` **Target:** ht

  • CVE-2026-53923Jun 17, 2026
    affected < 0.24.0-r0fixed 0.24.0-r0

    ## Summary Integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels (`csrc/quantization/gguf/gguf_kernel.cu`) causes partial tensor processing. The output tensor is allocated at full size via `torch::empty` (uninitialized memory), but the dequantize CUDA kernel

  • CVE-2026-54235Jun 17, 2026
    affected < 0.24.0-r0fixed 0.24.0-r0

    ## Summary All temperature validation gates use comparison operators (`<`, `>`), which silently evaluate to `False` for `NaN` and for positive `Infinity` in Python's IEEE 754 float semantics. Both values pass every guard and propagate to GPU sampling kernels, where they produce

  • CVE-2026-12491modJun 10, 2026
    affected < 0.24.0-r0fixed 0.24.0-r0

    vllm: vllm: image EXIF Rotation & PNG tRNS Transparency Not Normalized, Causing Mismatch Between Model Input and Expectations

  • CVE-2026-47265HigJun 2, 2026
    affected < 0.21.0-r1fixed 0.21.0-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, cookies set with the `cookies` parameter on requests are sent after following a cross-origin redirect. If a developer uses the `cookies` parameter on a per-request basis then

  • CVE-2026-34993MedJun 2, 2026
    affected < 0.21.0-r1fixed 0.21.0-r1

    AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, using ``CookieJar.load()`` with untrusted input may allow arbitrary code execution. Most applications using this function will be doing so with the user's own data, so this is