2369221 – (CVE-2025-46722) CVE-2025-46722 vllm: vLLM has a Weakness in MultiModalHasher Image Hashing Implementation

Bug 2369221 (CVE-2025-46722) - CVE-2025-46722 vllm: vLLM has a Weakness in MultiModalHasher Image Hashing Implementation

Summary: CVE-2025-46722 vllm: vLLM has a Weakness in MultiModalHasher Image Hashing Im...

Keywords:
Status:	NEW
Alias:	CVE-2025-46722
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-05-29 17:01 UTC by OSIDB Bzimport
Modified:	2025-05-30 13:29 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-05-29 17:01:11 UTC

vLLM is an inference and serving engine for large language models (LLMs). In versions starting from 0.7.0 to before 0.9.0, in the file vllm/multimodal/hasher.py, the MultiModalHasher class has a security and data integrity issue in its image hashing method. Currently, it serializes PIL.Image.Image objects using only obj.tobytes(), which returns only the raw pixel data, without including metadata such as the image’s shape (width, height, mode). As a result, two images of different sizes (e.g., 30x100 and 100x30) with the same pixel byte sequence could generate the same hash value. This may lead to hash collisions, incorrect cache hits, and even data leakage or security risks. This issue has been patched in version 0.9.0.

Note You need to log in before you can comment on or make changes to this bug.