Lucene search
+L

6 matches found

vulnersOsv
vulnersOsv
added 2024/06/04 12:31 p.m.3 views

a2 (>=0.1.0 <=0.3.17), abadpour (>=6.13.1 <=7.24.1) +946 more potentially affected by CVE-2024-37059 via mlflow (>=0.8.2 <=3.4.0)

mlflow PYPI version =0.8.2, =0.1.0, =6.13.1, =9.273.1, =1.1.0, =0.1.0, =0.1.0, =0.4.4, =0.3.0, =0.0.5, =1.0.0, =0.1.0, =1.1.1 - ai-helpers-pytorch-utils =0.1.0a1 - ailine-core =0.5.5 and more Source cves: CVE-2024-37059 Source advisory: OSV:GHSA-WF7F-8FXF-XFXC...

8.8CVSS7.2AI score0.00618EPSS
Exploits1
Wolfi
Wolfi
added 2024/06/04 12:15 p.m.15 views

CVE-2024-37059 vulnerabilities

Vulnerabilities for packages: mlflow...

8.8CVSS7.2AI score0.00618EPSS
Exploits1
NVD
NVD
added 2024/06/04 12:15 p.m.25 views

CVE-2024-37059

Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.5.0 or newer, enabling a maliciously uploaded PyTorch model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS8.8AI score0.00618EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/06/04 12:1 p.m.33 views

CVE-2024-37059

Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.5.0 or newer, enabling a maliciously uploaded PyTorch model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS8.8AI score0.00618EPSS
Exploits1References1
CVE
CVE
added 2024/06/04 12:1 p.m.144 views

CVE-2024-37059

MLflow contains a deserialization vulnerability affecting versions 0.5.0 and later in the PyTorch integration (mlflow/pytorch/init .py _load_model), where untrusted model data can trigger arbitrary code execution when a PyFunc model is loaded. Reports from Veracode describe attacker-controlled pi...

8.8CVSS7.6AI score0.00618EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/04 12:1 p.m.18 views

CVE-2024-37059

Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.5.0 or newer, enabling a maliciously uploaded PyTorch model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS8.8AI score0.00618EPSS
Exploits1References1
Rows per page
Query Builder