6 matches found
CVE-2025-50460
A remote code execution RCE vulnerability exists in the ms-swift project version 3.3.0 due to unsafe deserialization in tests/run.py using yaml.load from the PyYAML library versions = 5.3.1. If an attacker can control the content of the YAML configuration file passed to the --runconfig parameter,...
CVE-2025-50460
A remote code execution RCE vulnerability exists in the ms-swift project version 3.3.0 due to unsafe deserialization in tests/run.py using yaml.load from the PyYAML library versions = 5.3.1. If an attacker can control the content of the YAML configuration file passed to the --runconfig parameter,...
modelscope (>=1.9.0 <=1.9.1), scepter (>=0.0.1 <=1.4.1) potentially affected by unknown CVE via ms-swift (>=1.3.0 <=3.10.3)
ms-swift PYPI version =1.3.0, =1.9.0, =0.0.1, =1.4.1 Source cves: unknown CVE Source advisory: OSV:GHSA-R54C-2XMF-2CF3...
MS SWIFT Deserialization RCE Vulnerability
This appears to be a security vulnerability report describing a remote code execution RCE exploit in the ms-swift framework through malicious pickle deserialization in adapter model files. The vulnerability allows arbitrary command execution when loading specially crafted adapter models from...
GHSA-R54C-2XMF-2CF3 MS SWIFT Deserialization RCE Vulnerability
This appears to be a security vulnerability report describing a remote code execution RCE exploit in the ms-swift framework through malicious pickle deserialization in adapter model files. The vulnerability allows arbitrary command execution when loading specially crafted adapter models from...
scepter (>=1.1.0 <=1.4.1) potentially affected by CVE-2025-41419 via ms-swift (=3.10.3)
ms-swift PYPI version =3.10.3 is affected by a known vulnerability. The following packages have a transitive dependency on ms-swift and may be impacted: - scepter =1.1.0, =1.4.1 Source cves: CVE-2025-41419 Source advisory: SNYK:PYTHON-MSSWIFT-11502591...