6 matches found
GHSA-FHHQ-H4HG-549X ModelScope is vulnerable to arbitrary code injection via a crafted module
An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via crafted module listed in the configuration file deymini.yaml under the key 'nnet''module'...
ModelScope is vulnerable to arbitrary code injection via a crafted module
An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via crafted module listed in the configuration file deymini.yaml under the key 'nnet''module'...
CVE-2025-51427
An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via crafted module listed in the configuration file deymini.yaml under the key 'nnet''module'...
CVE-2025-51427
An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via crafted module listed in the configuration file deymini.yaml under the key 'nnet''module'...
EUVD-2025-209897
An issue was discovered in ModelScope 1.25.0 allowing attackers to execute arbitrary code via crafted module listed in the configuration file deymini.yaml under the key 'nnet''module'...
CVE-2025-51427
ModelScope 1.25.0 is affected by CVE-2025-51427. The issue allows arbitrary code execution via a crafted module listed in the deployment’s configuration file (dey_mini.yaml) under the key ['nnet']['module']. The root cause is a unsafe module loading path in the configuration, enabling an attacker...