CVE-2024-10073

A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loader. The manipulation leads to code injection. It is possible to launch the attack remotely. The...

Code Injection

flairNLP is vulnerable to code injection. The vulnerability is inadequate input validation in the ClusteringModel function of flair\models\clustering.py, allowing malicious code to be injected and executed remotely...

CVE-2024-10073

A vulnerability, which was classified as critical, was found in flairNLP flair 0.14.0. Affected is the function ClusteringModel of the file flair\models\clustering.py of the component Mode File Loader. The manipulation leads to code injection. It is possible to launch the attack remotely. The...

Arbitrary Code Injection

Overview flair is an A very simple framework for state-of-the-art NLP Affected versions of this package are vulnerable to Arbitrary Code Injection through the function ClusteringModel of the file flair\models\clustering.py. An attacker can execute arbitrary code by manipulating the input data to...

CVE-2024-10073

flairNLP flair 0.14.0 is affected by a code-injection vulnerability in the ClusteringModel function located in flair/models/clustering.py (Mode File Loader). The issue allows remote code execution and is described as high severity; attack complexity is listed as high and exploitation has been dis...

PT-2024-16009 · Flairnlp · Flairnlp

Name of the Vulnerable Software and Affected Versions: flairNLP flair version 0.14.0 Description: A critical vulnerability was found in the function ClusteringModel of the file flairmodelsclustering.py of the component Mode File Loader. The manipulation leads to code injection. It is possible to...