55 matches found
GHSA-F2M9-WCF4-CWWX MLFlow Creates a Temporary File With Insecure Permissions
In mlflow/mlflow versions prior to 3.11.0, the getorcreatenfstmpdir function in mlflow/utils/fileutils.py creates temporary directories with world-writable permissions 0o777, and the createmodeldownloadingtmpdir function in mlflow/pyfunc/init.py creates directories with group-writable permissions...
MLFlow Creates a Temporary File With Insecure Permissions
In mlflow/mlflow versions prior to 3.11.0, the getorcreatenfstmpdir function in mlflow/utils/fileutils.py creates temporary directories with world-writable permissions 0o777, and the createmodeldownloadingtmpdir function in mlflow/pyfunc/init.py creates directories with group-writable permissions...
CVE-2026-4137
In mlflow/mlflow versions prior to 3.11.0, the getorcreatenfstmpdir function in mlflow/utils/fileutils.py creates temporary directories with world-writable permissions 0o777, and the createmodeldownloadingtmpdir function in mlflow/pyfunc/init.py creates directories with group-writable permissions...
CVE-2026-4137
CVE-2026-4137 : In mlflow/mlflow before 3.11.0, two temp-dir creation paths expose world/group-writable permissions: get_or_create_nfs_tmp_dir() creates 0o777 and _create_model_downloading_tmp_dir() creates 0o770. This enables local attackers with access to shared NFS mounts (e.g., Databricks) to...
CVE-2026-4137 Incomplete Fix for CVE-2025-10279: Insecure Temporary Directory Permissions in mlflow/mlflow
In mlflow/mlflow versions prior to 3.11.0, the getorcreatenfstmpdir function in mlflow/utils/fileutils.py creates temporary directories with world-writable permissions 0o777, and the createmodeldownloadingtmpdir function in mlflow/pyfunc/init.py creates directories with group-writable permissions...
EUVD-2026-30807
In mlflow/mlflow versions prior to 3.11.0, the getorcreatenfstmpdir function in mlflow/utils/fileutils.py creates temporary directories with world-writable permissions 0o777, and the createmodeldownloadingtmpdir function in mlflow/pyfunc/init.py creates directories with group-writable permissions...
CVE-2026-31234
Horovod thru 0.28.1 contains an insecure deserialization vulnerability CWE-502 in its KVStore HTTP server component. The KVStore server, used for distributed task coordination, lacks authentication and authorization controls, allowing any remote attacker to write arbitrary data via HTTP PUT...
PT-2026-40121
Horovod thru 0.28.1 contains an insecure deserialization vulnerability CWE-502 in its KVStore HTTP server component. The KVStore server, used for distributed task coordination, lacks authentication and authorization controls, allowing any remote attacker to write arbitrary data via HTTP PUT...
Horovod 安全漏洞
Horovod is a distributed training framework developed by Horovod OpenSource, based on TensorFlow, Keras, PyTorch, and Apache MXNet. Horovod versions 0.28.1 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of authentication and authorization controls in the...
CVE-2026-31234
Horovod through v0.28.1 exposes an insecure deserialization vulnerability (CWE-502) in its KVStore HTTP server. The KVStore server lacks authentication/authorization, allowing remote attackers to write arbitrary data via HTTP PUT. When a Horovod worker subsequently reads data from KVStore (via HT...
CVE-2026-41486
Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types ray.data.arrowtensor, ray.data.arrowtensorv2, ray.data.arrowvariableshapedtensor globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension type...
CVE-2026-41486
Ray contains a remote code execution flaw (CVE-2026-41486) observed in Ray 2.49.0–2.54.0 where PyArrow reads Parquet extension types in metadata and Ray passes the bytes to cloudpickle.loads() during schema parsing, enabling arbitrary code execution before any row data is read. The issue affects ...
EUVD-2026-28828
Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types ray.data.arrowtensor, ray.data.arrowtensorv2, ray.data.arrowvariableshapedtensor globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension type...
CVE-2026-41486
Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types ray.data.arrowtensor, ray.data.arrowtensorv2, ray.data.arrowvariableshapedtensor globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension type...
GHSA-MW35-8RX3-XF9R Ray: Remote Code Execution via Parquet Arrow Extension Type Deserialization
Ray Data registers custom Arrow extension types ray.data.arrowtensor, ray.data.arrowtensorv2, ray.data.arrowvariableshapedtensor globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension types, it calls arrowextdeserialize on the field's metadata bytes. Ray's...
Deserialization of Untrusted Data
Overview ray is an A system for parallel and distributed Python that unifies the ML ecosystem. Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the deserialization of Parquet Arrow extension type metadata via the cloudpickle.loads function. An attacker can...
Ray: Remote Code Execution via Parquet Arrow Extension Type Deserialization
Ray Data registers custom Arrow extension types ray.data.arrowtensor, ray.data.arrowtensorv2, ray.data.arrowvariableshapedtensor globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension types, it calls arrowextdeserialize on the field's metadata bytes. Ray's...
PT-2026-37117
Name of the Vulnerable Software and Affected Versions Ray versions 2.49.0 through 2.54.0 Description Ray Data registers custom Arrow extension types ray.data.arrow tensor, ray.data.arrow tensor v2, and ray.data.arrow variable shaped tensor globally in PyArrow. When PyArrow reads a Parquet file...
Incomplete Fix for CVE-2025-10279: get_or_create_nfs_tmp_dir() Still Creates World-Writable (0o777) Directories Enabling Local Code Execution
Description Description CVE-2025-10279 huntr bounty 01d3b81e identified that MLflow's getorcreatetmpdir created temporary directories with world-writable permissions 0o777, enabling local attackers to tamper with model artifacts and achieve arbitrary code execution. The fix PR 17544, commit...
CVE-2026-0773
Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...