Lucene search
K

147 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in sagemaker_examples (npm)

The package sagemakerexamples was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.1 views

Malicious code in sagemaker_notebooks_extension (npm)

The package sagemakernotebooksextension was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in sagemaker_session_manager (npm)

The package sagemakersessionmanager was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in sagemaker-forked-extensions (npm)

The package sagemaker-forked-extensions was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-32623 Malicious code in sagemaker_notebooks_extension (npm)

The package sagemakernotebooksextension was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-32624 Malicious code in sagemaker_session_manager (npm)

The package sagemakersessionmanager was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-32621 Malicious code in sagemaker-forked-extensions (npm)

The package sagemaker-forked-extensions was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-32622 Malicious code in sagemaker_examples (npm)

The package sagemakerexamples was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-32625 Malicious code in sagemaker_sharing_extension (npm)

The package sagemakersharingextension was found to contain malicious code...

7.2AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/05/28 2:57 p.m.7 views

aggregation-agent (>=0.1.2 <=0.1.11), airflow-add-ons (>=0.2.7 <=0.2.15) +125 more potentially affected by CVE-2025-5279 via redshift-connector (>=2.0.888 <=2.1.2)

redshift-connector PYPI version =2.0.888, =0.1.2, =0.2.7, =0.0.1, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.0.3, =0.1.0, =3.1.0rc1, =1.0.0, =1.0.4 - arrowjet =0.1.0 and more Source cves: CVE-2025-5279 Source advisory: OSV:GHSA-R244-WG5G-6W2R...

7CVSS5.7AI score0.00251EPSS
Exploits0
Veracode
Veracode
added 2025/03/28 10:50 a.m.20 views

MD5 Hash Collisions

sagemaker is vulnerable to MD5 Hash Collisions. The vulnerability is due to weak hashing in workflow identification due to the reuse of results from different configurations that produce the same MD5 hash, potentially leading to unintended workflow replacements and integrity issues...

5.9CVSS7AI score0.00247EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/03/22 1:24 p.m.23 views

CVE-2025-0508

A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...

5.9CVSS7.2AI score0.00247EPSS
Exploits0References1
OSV
OSV
added 2025/03/20 12:32 p.m.8 views

GHSA-32G6-MG92-GHM2 SageMaker Workflow component allows possibility of MD5 hash collisions

A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...

5.9CVSS7.1AI score0.00247EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2025/03/20 12:32 p.m.13 views

SageMaker Workflow component allows possibility of MD5 hash collisions

A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...

5.9CVSS6.8AI score0.00247EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2025/03/20 12:32 p.m.8 views

Expected Behavior Violation

Overview sagemaker is an Open source library for training and deploying models on Amazon SageMaker. Affected versions of this package are vulnerable to Expected Behavior Violation via to the utilities.py component. An attacker can cause integrity problems within the pipeline, potentially leading ...

8.2CVSS7AI score0.00247EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.7 views

anymodality (=0.1.0), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20230929) +22 more potentially affected by CVE-2025-0508 via sagemaker (>=2.0.0 <=2.236.0)

sagemaker PYPI version =2.0.0, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =1.0.0, =1.97.0.dev0, =2.0.0, =1.0.0, =1.0.0, =0.7.3, =0.1.2, =0.0.9, =0.0.10 and more Source cves: CVE-2025-0508 Source advisory: SNYK:PYTHON-SAGEMAKER-9510926...

5.9CVSS6.2AI score0.00247EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.4 views

anymodality (=0.1.0), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20230929) +23 more potentially affected by CVE-2025-0508 via sagemaker (>=1.52.1 <=2.236.0)

sagemaker PYPI version =1.52.1, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =0.2.8, =1.97.0.dev0, =2.0.0, =1.0.0, =1.0.0, =0.7.3, =0.1.2, =0.4.6 - hydro-integrations =2.3.0.dev0 and more Source cves: CVE-2025-0508 Source advisory: OSV:GHSA-32G6-MG92-GHM2...

5.9CVSS6.2AI score0.00247EPSS
Exploits0
NVD
NVD
added 2025/03/20 10:15 a.m.24 views

CVE-2025-0508

A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...

5.9CVSS0.00247EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/20 10:11 a.m.36 views

CVE-2025-0508 MD5 Hash Collision in SageMaker Workflow in aws/sagemaker-python-sdk

A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...

5.9CVSS0.00247EPSS
Exploits0References2
OSV
OSV
added 2025/03/20 10:11 a.m.13 views

CVE-2025-0508 MD5 Hash Collision in SageMaker Workflow in aws/sagemaker-python-sdk

A vulnerability in the SageMaker Workflow component of aws/sagemaker-python-sdk allows for the possibility of MD5 hash collisions in all versions. This can lead to workflows being inadvertently replaced due to the reuse of results from different configurations that produce the same MD5 hash. This...

5.9CVSS6.2AI score0.00247EPSS
Exploits0References4
Rows per page
Query Builder