CVE-2024-9052

Опубликовано: 20 мар. 2025

Источник: nvd

Описание

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Связанные уязвимости

CVE-2024-9052

CVSS3: 2.6

redhat

10 месяцев назад

A flaw was found in the vLLM distributed training API. This vulnerability allows remote code execution via unsafe deserialization, which uses pickle.loads() without sanitization.

GHSA-pgr7-mhp5-fgjp

CVSS3: 9.8

github

10 месяцев назад

vLLM deserialization vulnerability in vllm.distributed.GroupCoordinator.recv_object