vllm@0.6.6 vulnerabilities

A high-throughput and memory-efficient inference and serving engine for LLMs

latest version

0.8.4

first published

1 years ago

latest version published

5 days ago

licenses detected

Apache-2.0
[0,)

View vllm package health on Snyk Advisor (opens in a new tab)

Go back to all versions of this package

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the vllm package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Deserialization of Untrusted Data vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the `MessageQueue.dequeue()` API function. An attacker can execute arbitrary code by sending a malicious payload to the message queue. How to fix Deserialization of Untrusted Data? There is no fixed version for `vllm`.	[0,)
H Allocation of Resources Without Limits or Throttling vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in `outlines_logits_processors.py` module, which uses a local cache with unbounded size by default. An attacker can occupy all space on the target system by sending a stream of decoding requests with different schemas, adding indefinitely to the outlines cache. How to fix Allocation of Resources Without Limits or Throttling? Upgrade `vllm` to version 0.8.0 or higher.	[,0.8.0)
C Deserialization of Untrusted Data vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the `MooncakePipe` class, which relies on pickle for serialization and deserialization in `recv_tensor()`. An attacker can execute arbitrary code on the host by sending malicious payloads using the ZMQ over TCP interface, which is exposed by the Mooncake integration by default. How to fix Deserialization of Untrusted Data? Upgrade `vllm` to version 0.8.0 or higher.	[,0.8.0)
L Use of Weak Hash vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Use of Weak Hash due to the use of a predictable constant value in the Python 3.12 built-in `hash` function. An attacker can interfere with subsequent responses and cause unintended behavior by exploiting predictable hash collisions to populate the cache with prompts known to collide with another prompt in use. How to fix Use of Weak Hash? Upgrade `vllm` to version 0.7.2 or higher.	[,0.7.2)
H Deserialization of Untrusted Data vllm is an A high-throughput and memory-efficient inference and serving engine for LLMs Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the `hf_model_weights_iterator` process due to the usage of the `torch.load` function with the `weights_only` parameter set to `False`, which is considered insecure. An attacker can execute arbitrary code during the unpickling process by supplying malicious pickle data. How to fix Deserialization of Untrusted Data? Upgrade `vllm` to version 0.7.0 or higher.	[,0.7.0)

Go back to all versions of this package