Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
vLLM AIBrix Prefix Caching hash.go random values
Vulnerability Description
A vulnerability has been found in vLLM AIBrix 0.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file pkg/plugins/gateway/prefixcacheindexer/hash.go of the component Prefix Caching. The manipulation leads to insufficiently random values. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 0.3.0 is able to address this issue. It is recommended to upgrade the affected component.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
使用不充分的随机数
Vulnerability Title
AIBrix 安全特征问题漏洞
Vulnerability Description
AIBrix是vLLM开源的一个用于 GenAI 推理的经济高效且可插拔的基础设施组件。 AIBrix 0.2.0版本存在安全特征问题漏洞,该漏洞源于存在随机性不足问题。
CVSS Information
N/A
Vulnerability Type
N/A