CVE-2025-11915
HTTP Desynchronisation in Vertex AI for certain third-party models
Connection desynchronization between an HTTP proxy and the model backend. The fixes were rolled out for all proxies in front of impacted models by 2025-09-28. Users do not need to take any action.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:L/SI:N/SA:L/U:Clear
Productos afectados
Google Cloud · Vertex AI: Open Models for MaaSGoogle Cloud · Vertex AI: Partner Models for MaaSGoogle Cloud · Vertex AI: Self-Deployed Models¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →