Google Cloud Vertex AI Connection Desynchronization Vulnerability in HTTP Proxies
Vulnerability
A connection desynchronization vulnerability was identified in Google Cloud Vertex AI, affecting streaming requests to certain third-party models served through the Vertex AI API. Some internal HTTP proxies did not correctly handle requests carrying an 'Expect: 100-continue' header. A client that sends this header expects an interim 100 Continue response before it transmits the request body, so a proxy that forwards such a request over a shared upstream connection has to account for both the interim and the final response; when it does not, the proxy and the upstream disagree about where one exchange ends and the next begins, and responses on that connection can be attributed to the wrong request. As a result, a response intended for one request could be delivered as the response to a subsequent request. The issue affected various third-party models on the Vertex AI API; Google's own models, such as Gemini, were not affected.
Impact
Streaming responses were misrouted: a caller could receive the response that belonged to a different request, potentially exposing that request's data to the wrong recipient and leaving the intended recipient with a mismatched or missing response.
Remediation
Google fixed the proxies' handling of the 'Expect: 100-continue' header to eliminate the desynchronization. The fixes were rolled out to the affected models on separate schedules, with all affected surfaces remediated by September 28, 2025. No action is required from users.
