xgrammar@0.1.15 vulnerabilities

Efficient, Flexible and Portable Structured Generation

  • latest version

    0.1.18

  • latest non vulnerable version

  • first published

    4 months ago

  • latest version published

    11 days ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the xgrammar package. This does not include vulnerabilities belonging to this package’s dependencies.

    Vulnerability | Vulnerable Version
    • H
    Allocation of Resources Without Limits or Throttling

    xgrammar is an efficient, flexible and portable structured generation library.

    Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in thread_safe_cache.h: the cache can be populated by an indefinitely large number of entries, one for each new schema encountered. A user can exhaust all available memory on the system running the target application.

    Note: A common use case for this caching is vLLM's guided encoding functionality.

    How to fix Allocation of Resources Without Limits or Throttling?

    Upgrade xgrammar to version 0.1.18 or higher.

    Vulnerable versions: [,0.1.18)