3 matches found
CVE-2024-9052
Summary: CVE-2024-9052 relates to a deserialization flaw in the vLLM project’s distributed training API. The issue enables remote code execution via unsafe deserialization of object bytes using pickle.loads() without sanitization, specifically within the vllm.distributed.GroupCoordinator.recv_obj...
CVE-2024-9052
...
CVE-2024-9052
...