AI Threat Alert

CVE-2024-9053

GHSA-cj47-qj6g-x7r4 CRITICAL
Published March 20, 2025

vllm-project vllm version 0.6.0 contains a vulnerability in the AsyncEngineRPCServer() RPC server entrypoints. The core functionality run_server_loop() calls the function _make_handler_coro(), which...

Full analysis pending. Showing NVD description excerpt.

Affected Systems

Package Ecosystem Vulnerable Range Patched
vllm pip <= 0.6.0 No patch
vllm pip No patch

Severity & Risk

CVSS 3.1
9.8 / 10
EPSS
2.2%
chance of exploitation in 30 days
KEV Status
Not in KEV
Sophistication
N/A

Recommended Action

No patch available

Monitor for updates. Consider compensating controls or temporary mitigations.

Compliance Impact

Compliance analysis pending. Sign in for full compliance mapping when available.

Technical Details

NVD Description

vllm-project vllm version 0.6.0 contains a vulnerability in the AsyncEngineRPCServer() RPC server entrypoints. The core functionality run_server_loop() calls the function _make_handler_coro(), which directly uses cloudpickle.loads() on received messages without any sanitization. This can result in remote code execution by deserializing malicious pickle data.

Weaknesses (CWE)

CWE-502 Deserialization of Untrusted Data Primary CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Primary CWE-502 CWE-78

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Timeline

Published
March 20, 2025
Last Modified
October 15, 2025
First Seen
March 20, 2025
Back to Threat Feed