11 matches found
EUVD-2025-16188
Malicious code in bioql PyPI...
PYSEC-2025-43
vLLM is an inference and serving engine for large language models LLMs. In versions starting from 0.7.0 to before 0.9.0, in the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it serializes PIL.Image.Image...
CVE-2025-46722 vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
vLLM is an inference and serving engine for large language models LLMs. In versions starting from 0.7.0 to before 0.9.0, in the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it serializes PIL.Image.Image...
CVE-2025-46722 vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
vLLM is an inference and serving engine for large language models LLMs. In versions starting from 0.7.0 to before 0.9.0, in the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it serializes PIL.Image.Image...
CVE-2025-46722
The CVE-2025-46722 entry concerns vLLM (versions 0.7.0–0.8.x) where MultiModalHasher in vllm/multimodal/hasher.py hashes PIL.Image.Image objects using only obj.tobytes(). This excludes image metadata (width, height, mode), enabling two images with identical pixel data but different shapes to yiel...
CVE-2025-46722 vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
vLLM is an inference and serving engine for large language models LLMs. In versions starting from 0.7.0 to before 0.9.0, in the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it serializes PIL.Image.Image...
Incomplete Comparison with Missing Factors
Overview vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Incomplete Comparison with Missing Factors due to the implementation of image hashing in hasher.py. An attacker can achieve hash collisions and...
vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
Summary In the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it serializes PIL.Image.Image objects using only obj.tobytes, which returns only the raw pixel data, without including metadata such as the...
GHSA-C65P-X677-FGJ6 vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
Summary In the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it serializes PIL.Image.Image objects using only obj.tobytes, which returns only the raw pixel data, without including metadata such as the...
PT-2025-23136 · Vllm · Vllm
Name of the Vulnerable Software and Affected Versions: vLLM versions 0.7.0 through 0.8.x Description: The issue concerns a security and data integrity problem in the image hashing method of the MultiModalHasher class. Specifically, the method serializes PIL.Image.Image objects using only...
Extract Digital Evidences From Images: Imago-Forensics
Imago is a python tool that extract digital evidences from images recursively. This tool is useful throughout a digital forensic investigation. If you need to extract digital evidences and you have a lot of images, through this tool you will be able to compare them easily. Imago allows to extract...