4 matches found
CVE-2024-2912
An insecure deserialization vulnerability exists in the BentoML framework, allowing remote code execution RCE by sending a specially crafted POST request. By exploiting this vulnerability, attackers can execute arbitrary commands on the server hosting the BentoML application. The vulnerability is...
bento2seldon (>=0.1.0 <=0.4.0), bento2seldon4recsys (>=0.1.0 <=0.1.3) +15 more potentially affected by CVE-2024-2912 via bentoml (>=0.10.1 <=1.2.20)
bentoml PYPI version =0.10.1, =0.1.0, =0.1.0, =0.0.10, =0.0.5, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.0.1, =0.0.1, =0.0.13 - tfhubartifact =0.0.4 and more Source cves: CVE-2024-2912 Source advisory: OSV:GHSA-HVJ5-MVW9-93J3...
CVE-2024-2912 Insecure Deserialization Leading to RCE in bentoml/bentoml
An insecure deserialization vulnerability exists in the BentoML framework, allowing remote code execution RCE by sending a specially crafted POST request. By exploiting this vulnerability, attackers can execute arbitrary commands on the server hosting the BentoML application. The vulnerability is...
CVE-2024-2912 Insecure Deserialization Leading to RCE in bentoml/bentoml
An insecure deserialization vulnerability exists in the BentoML framework, allowing remote code execution RCE by sending a specially crafted POST request. By exploiting this vulnerability, attackers can execute arbitrary commands on the server hosting the BentoML application. The vulnerability is...