exploitDog

GHSA-5cmr-4px5-23pc

Published: 25 Aug 2025
Source: github
Github: Reviewed
CVSS4: 7.7
CVSS3: 7.5

Description

XGrammar affected by Denial of Service by infinite recursion grammars

Summary

This issue: http://github.com/mlc-ai/xgrammar/issues/250 should have its own security advisory. Since several tools accept and pass user-supplied grammars to xgrammar, and it is so easy to trigger, it seems like a High.

Packages

Name: xgrammar
Ecosystem: pip
Affected versions: < 0.1.21
Fixed version: 0.1.21

EPSS: 0.00071 (percentile: 22%, Low)
CVSS4: 7.7 High
CVSS3: 7.5 High

Weaknesses

CWE-674

Related vulnerabilities

CVSS3: 7.5
redhat
4 months ago

XGrammar is an open-source library for efficient, flexible, and portable structured generation. Prior to version 0.1.21, XGrammar has an infinite recursion issue in the grammar. This issue has been resolved in version 0.1.21.

CVSS3: 7.5
nvd
4 months ago

XGrammar is an open-source library for efficient, flexible, and portable structured generation. Prior to version 0.1.21, XGrammar has an infinite recursion issue in the grammar. This issue has been resolved in version 0.1.21.
