TorchGeo Remote Code Execution Vulnerability

Impact TorchGeo 0.4–0.6.0 used an eval statement in its model weight API that could allow an unauthenticated, remote attacker to execute arbitrary commands. All platforms that expose torchgeo.models.getweight or torchgeo.trainers as an external API could be affected. Patches The eval statement wa...

TorchGeo Remote Code Execution Vulnerability

Impact TorchGeo 0.4–0.6.0 used an ""eval"" https://docs.python.org/3/library/functions.htmleval statement in its model weight API that could allow an unauthenticated, remote attacker to execute arbitrary commands. All platforms that expose ""torchgeo.models.getweight""...

EUVD-2022-34117

Malicious code in bioql PyPI...

EUVD-2022-27408

Malicious code in bioql PyPI...

CVE-2022-29791

The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services...

CVE-2022-29796

The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services...

CVE-2022-22261

The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services...

CVE-2022-29796

The CVE-2022-29796 entry concerns Huawei HarmonyOS HiAIserver, an AI service component. The vulnerability is in how HiAIserver validates the weights used by a model, with the described impact that exploitation can cause abnormalities in the AI service and affect AI operations. Publicly provided d...

CVE-2022-22261

The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services...