Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:8 a.m.8 views

CVE-2024-2912

An insecure deserialization vulnerability exists in the BentoML framework, allowing remote code execution RCE by sending a specially crafted POST request. By exploiting this vulnerability, attackers can execute arbitrary commands on the server hosting the BentoML application. The vulnerability is...

10CVSS8.6AI score0.01497EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2024/04/16 12:30 a.m.7 views

bento2seldon (>=0.1.0 <=0.4.0), bento2seldon4recsys (>=0.1.0 <=0.1.3) +15 more potentially affected by CVE-2024-2912 via bentoml (>=0.10.1 <=1.2.20)

bentoml PYPI version =0.10.1, =0.1.0, =0.1.0, =0.0.10, =0.0.5, =0.3.12, =0.0.1, =1.0.3, =0.0.10, =0.0.1, =0.0.1, =0.0.13 - tfhubartifact =0.0.4 and more Source cves: CVE-2024-2912 Source advisory: OSV:GHSA-HVJ5-MVW9-93J3...

10CVSS7.2AI score0.01497EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/04/16 12:0 a.m.16 views

CVE-2024-2912 Insecure Deserialization Leading to RCE in bentoml/bentoml

An insecure deserialization vulnerability exists in the BentoML framework, allowing remote code execution RCE by sending a specially crafted POST request. By exploiting this vulnerability, attackers can execute arbitrary commands on the server hosting the BentoML application. The vulnerability is...

10CVSS8.5AI score0.01497EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/16 12:0 a.m.36 views

CVE-2024-2912 Insecure Deserialization Leading to RCE in bentoml/bentoml

An insecure deserialization vulnerability exists in the BentoML framework, allowing remote code execution RCE by sending a specially crafted POST request. By exploiting this vulnerability, attackers can execute arbitrary commands on the server hosting the BentoML application. The vulnerability is...

10CVSS10AI score0.01497EPSS
Exploits0References2
Rows per page
Query Builder