7 matches found

The Hacker News
added 2024/12/06 11:28 a.m. · 12 views

Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks

Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution. The vulnerabilities, discovered by JFrog, are part of a broader collection of 22...

CVSS 9.8 · AI score 7.2 · EPSS 0.00409
Exploits: 2
vulnersOsv
added 2023/11/15 3:30 p.m. · 1 view

com.databricks.labs:automl-toolkit (=0.8.1), ml.combust.mleap:mleap-avro_2.12 (>=0.14.0 <=0.23.0) +14 more potentially affected by CVE-2023-5245 via ml.combust.mleap:mleap-runtime_2.12 (>=0.14.0 <=0.23.0)

ml.combust.mleap:mleap-runtime_2.12 MAVEN version =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.19.0, =0.14.0, =0.14.0, =0.14.0, =0.14.0, =0.19.0, =0.14.0, =0.17.0, =0.23.0 and more Source cves: CVE-2023-5245 Source advisory: OSV:GHSA-897X-XVJ8-42RQ...

CVSS 9.8 · AI score 7.4 · EPSS 0.00409
Exploits: 1
Github Security Blog
added 2023/11/15 3:30 p.m. · 36 views

Zip slip in mleap

FileUtil.extract enumerates all zip file entries and extracts each file without validating whether file paths in the archive are outside the intended directory. When creating an instance of TensorflowModel using the savedmodel format and an exported tensorflow model, the apply function invokes th...

CVSS 9.8 · AI score 7.1 · EPSS 0.00409
Exploits: 1 · References: 4 · Affected Software: 1
OSV
added 2023/11/15 3:30 p.m. · 2 views

GHSA-897X-XVJ8-42RQ Zip slip in mleap

FileUtil.extract enumerates all zip file entries and extracts each file without validating whether file paths in the archive are outside the intended directory. When creating an instance of TensorflowModel using the savedmodel format and an exported tensorflow model, the apply function invokes th...

CVSS 7.5 · AI score 7.4 · EPSS 0.00409
Exploits: 1 · References: 4
Cvelist
added 2023/11/15 12:52 p.m. · 21 views

CVE-2023-5245 Using MLeap for loading a saved model (zip archive) can lead to path traversal/arbitrary file creation and possibly remote code execution.

FileUtil.extract enumerates all zip file entries and extracts each file without validating whether file paths in the archive are outside the intended directory. When creating an instance of TensorflowModel using the savedmodel format and an exported tensorflow model, the apply function invokes th...

CVSS 7.5 · AI score 9.8 · EPSS 0.00409
Exploits: 1 · References: 2
CNNVD
added 2023/11/15 12:00 a.m. · 1 view

MLeap Path Traversal Vulnerability

MLeap is a common serialization format and execution engine for machine learning pipelines. MLeap suffers from a security vulnerability that stems from not verifying whether file paths in an archive are located outside of the expected directory, and arbitrary file creation can lead directly to code...

CVSS 9.8 · AI score 7.6 · EPSS 0.00409
Exploits: 1 · References: 3
Positive Technologies
added 2023/09/16 12:00 a.m. · 2 views

PT-2023-31972 · Mleap +1 · Mleap +2

Name of the Vulnerable Software and Affected Versions: MLeap versions prior to 0.17.0 Description: The issue is related to a path traversal flaw, also known as Zip Slip, which allows arbitrary file creation and can lead to code execution. This occurs when the FileUtil.extract function enumerates...

CVSS 10 · AI score 8.1 · EPSS 0.00409
Exploits: 1 · References: 12