5 matches found
CVE-2025-50460
A remote code execution RCE vulnerability exists in the ms-swift project version 3.3.0 due to unsafe deserialization in tests/run.py using yaml.load from the PyYAML library versions = 5.3.1. If an attacker can control the content of the YAML configuration file passed to the --runconfig parameter,...
CVE-2025-50460
A remote code execution RCE vulnerability exists in the ms-swift project version 3.3.0 due to unsafe deserialization in tests/run.py using yaml.load from the PyYAML library versions = 5.3.1. If an attacker can control the content of the YAML configuration file passed to the --runconfig parameter,...
scepter (>=1.1.0 <=1.4.1) potentially affected by CVE-2025-50460 via ms-swift (=3.10.3)
ms-swift PYPI version =3.10.3 is affected by a known vulnerability. The following packages have a transitive dependency on ms-swift and may be impacted: - scepter =1.1.0, =1.4.1 Source cves: CVE-2025-50460 Source advisory: SNYK:PYTHON-MSSWIFT-11502368...
modelscope (>=1.9.0 <=1.9.1), scepter (>=0.0.1 <=1.4.1) potentially affected by CVE-2025-50460 via ms-swift (>=1.3.0 <=3.10.3)
ms-swift PYPI version =1.3.0, =1.9.0, =0.0.1, =1.4.1 Source cves: CVE-2025-50460 Source advisory: OSV:GHSA-FM6C-F59H-7MMG...
Exploit for CVE-2025-50460
CVE-2025-50460: Remote Code Execution in modelscope/ms-swift v...