147 matches found
Malicious code in sagemaker_examples (npm)
The package sagemakerexamples was found to contain malicious code...
Malicious code in sagemaker_notebooks_extension (npm)
The package sagemakernotebooksextension was found to contain malicious code...
Malicious code in sagemaker_session_manager (npm)
The package sagemakersessionmanager was found to contain malicious code...
Malicious code in sagemaker-forked-extensions (npm)
The package sagemaker-forked-extensions was found to contain malicious code...
MAL-2025-32623 Malicious code in sagemaker_notebooks_extension (npm)
The package sagemakernotebooksextension was found to contain malicious code...
MAL-2025-32624 Malicious code in sagemaker_session_manager (npm)
The package sagemakersessionmanager was found to contain malicious code...
MAL-2025-32621 Malicious code in sagemaker-forked-extensions (npm)
The package sagemaker-forked-extensions was found to contain malicious code...
MAL-2025-32622 Malicious code in sagemaker_examples (npm)
The package sagemakerexamples was found to contain malicious code...
MAL-2025-32625 Malicious code in sagemaker_sharing_extension (npm)
The package sagemakersharingextension was found to contain malicious code...
aggregation-agent (>=0.1.2 <=0.1.11), airflow-add-ons (>=0.2.7 <=0.2.15) +125 more potentially affected by CVE-2025-5279 via redshift-connector (>=2.0.888 <=2.1.2)
redshift-connector PYPI version =2.0.888, =0.1.2, =0.2.7, =0.0.1, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.0.3, =0.1.0, =3.1.0rc1, =1.0.0, =1.0.4 - arrowjet =0.1.0 and more Source cves: CVE-2025-5279 Source advisory: OSV:GHSA-R244-WG5G-6W2R...
MD5 Hash Collisions
sagemaker is vulnerable to MD5 Hash Collisions. The vulnerability is due to weak hashing in workflow identification due to the reuse of results from different configurations that produce the same MD5 hash, potentially leading to unintended workflow replacements and integrity issues...
CVE-2025-0508
A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...
GHSA-32G6-MG92-GHM2 SageMaker Workflow component allows possibility of MD5 hash collisions
A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...
SageMaker Workflow component allows possibility of MD5 hash collisions
A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...
Expected Behavior Violation
Overview sagemaker is an Open source library for training and deploying models on Amazon SageMaker. Affected versions of this package are vulnerable to Expected Behavior Violation via to the utilities.py component. An attacker can cause integrity problems within the pipeline, potentially leading ...
anymodality (=0.1.0), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20230929) +22 more potentially affected by CVE-2025-0508 via sagemaker (>=2.0.0 <=2.236.0)
sagemaker PYPI version =2.0.0, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =1.0.0, =1.97.0.dev0, =2.0.0, =1.0.0, =1.0.0, =0.7.3, =0.1.2, =0.0.9, =0.0.10 and more Source cves: CVE-2025-0508 Source advisory: SNYK:PYTHON-SAGEMAKER-9510926...
anymodality (=0.1.0), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20230929) +23 more potentially affected by CVE-2025-0508 via sagemaker (>=1.52.1 <=2.236.0)
sagemaker PYPI version =1.52.1, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =0.2.8, =1.97.0.dev0, =2.0.0, =1.0.0, =1.0.0, =0.7.3, =0.1.2, =0.4.6 - hydro-integrations =2.3.0.dev0 and more Source cves: CVE-2025-0508 Source advisory: OSV:GHSA-32G6-MG92-GHM2...
CVE-2025-0508
A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...
CVE-2025-0508 MD5 Hash Collision in SageMaker Workflow in aws/sagemaker-python-sdk
A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...
CVE-2025-0508 MD5 Hash Collision in SageMaker Workflow in aws/sagemaker-python-sdk
A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...