4 matches found
CVE-2024-37058 vulnerabilities
Vulnerabilities for packages: mlflow...
CVE-2024-37058
CVE-2024-37058 describes a deserialization of untrusted data in MLflow platforms running version 2.5.0 or newer, allowing a maliciously uploaded Langchain AgentExecutor model to execute arbitrary code on an end user’s system during interaction. The connected documents corroborate this issue acros...
CVE-2024-37058
Deserialization of untrusted data can occur in versions of the MLflow platform running version 2.5.0 or newer, enabling a maliciously uploaded Langchain AgentExecutor model to run arbitrary code on an end user’s system when interacted with...
CVE-2024-37058
Deserialization of untrusted data can occur in versions of the MLflow platform running version 2.5.0 or newer, enabling a maliciously uploaded Langchain AgentExecutor model to run arbitrary code on an end user’s system when interacted with...