
Seory0

#40639 of 53,635
6.5 Total CVSS
Vulnerabilities · 1
PT-2026-30276
6.5
2026-04-03
Vllm · Vllm · CVE-2026-34755
Name of the Vulnerable Software and Affected Versions
vLLM versions 0.7.0 through 0.18.9

Description
vLLM is an inference and serving engine for large language models (LLMs). The VideoMediaIO.load_base64() method at vllm/multimodal/media/video.py does not enforce a frame count limit when splitting video/jpeg data URLs by comma to extract individual JPEG frames. The num_frames parameter, which is enforced by the load_bytes() code path, is bypassed in the video/jpeg base64 path. An attacker can send a single API request containing thousands of comma-separated base64-encoded JPEG frames, causing the server to decode all frames into memory and crash with an out-of-memory (OOM) error.

The `load_base64()` function at `vllm/multimodal/media/video.py:51-62` is vulnerable. The API endpoint `/v1/chat/completions` is involved in the data flow. The `data` variable within the `load_base64()` function is unbounded, leading to excessive memory consumption. The `video/jpeg` MIME type is part of the public API surface, used in functions like `encode_video_url()` and test suites.

Recommendations
Update to version 0.19.0 or later.
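The frame-count check missing from the video/jpeg base64 path described above, shown as an added Python example that is not vLLM's code or its patch: the unbounded comma split next to a variant that counts frames before decoding anything. `MAX_FRAMES`, the function names and the sample frame are assumptions made for illustration.

```python
import base64
import binascii

MAX_FRAMES = 32  # assumed cap, standing in for the num_frames limit the advisory mentions

# Constructed sample: a minimal JPEG-like frame (SOI marker ... EOI marker), not a real image.
SAMPLE_FRAME = base64.b64encode(b"\xff\xd8\xff\xe0" + b"\x00" * 8 + b"\xff\xd9").decode()


class FrameLimitExceeded(ValueError):
    """Raised when a payload carries more frames than the configured limit."""


def make_payload(n: int) -> str:
    """Build the comma-separated body of a video/jpeg data URL with n sample frames."""
    return ",".join([SAMPLE_FRAME] * n)


def split_frames_unbounded(data: str) -> list[bytes]:
    """Pattern described in the advisory: every comma-separated chunk is decoded."""
    return [base64.b64decode(chunk) for chunk in data.split(",")]


def split_frames_bounded(data: str, num_frames: int = MAX_FRAMES) -> list[bytes]:
    """Reject oversized payloads before any frame is decoded into memory."""
    if num_frames <= 0:
        raise ValueError("num_frames must be positive")
    # Counting separators allocates nothing per frame, unlike split().
    count = data.count(",") + 1
    if count > num_frames:
        raise FrameLimitExceeded(f"{count} frames exceeds limit of {num_frames}")
    frames = []
    for chunk in data.split(","):
        try:
            raw = base64.b64decode(chunk, validate=True)
        except binascii.Error as exc:
            raise ValueError("frame is not valid base64") from exc
        if not raw.startswith(b"\xff\xd8"):  # JPEG start-of-image marker
            raise ValueError("frame is not a JPEG")
        frames.append(raw)
    return frames
```

A frame-count cap does not bound the size of each frame, so a request-body size limit at the API layer is still needed alongside it.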