3 matches found
CVE-2026-35000 ChangeDetection.io < 0.54.7 SafeXPath3Parser Bypass Arbitrary File Read
ChangeDetection.io versions prior to 0.54.7 contain a protection bypass vulnerability in the SafeXPath3Parser implementation that allows attackers to read arbitrary local files by using unblocked XPath 3.0/3.1 functions such as json-doc and similar file-access primitives. Attackers can exploit th...
GHSA-5R2P-PJR8-7FH7 SageMaker Python SDK replaced eval() with safe parser in JumpStart search functionality
Summary This advisory addresses the use of the searchhub function within the SageMaker Python SDK's JumpStart search functionality. An actor with the ability to control query parameters passed to the searchhub function could potentially provide malformed input that causes the eval function to...
SageMaker Python SDK replaced eval() with safe parser in JumpStart search functionality
Summary This advisory addresses the use of the searchhub function within the SageMaker Python SDK's JumpStart search functionality. An actor with the ability to control query parameters passed to the searchhub function could potentially provide malformed input that causes the eval function to...