3 matches found
vLLM 安全漏洞
vLLM is a high throughput and memory efficient inference and service engine for LLM from the vLLM open source. A security vulnerability exists in vLLM versions prior to 0.7.0 through 0.9.0, which stems from the use of only raw pixel data without including metadata in the image hash method, which...
vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
Summary In the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it serializes PIL.Image.Image objects using only obj.tobytes, which returns only the raw pixel data, without including metadata such as the...
GHSA-C65P-X677-FGJ6 vLLM has a Weakness in MultiModalHasher Image Hashing Implementation
Summary In the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it serializes PIL.Image.Image objects using only obj.tobytes, which returns only the raw pixel data, without including metadata such as the...