4 matches found
CVE-2024-34072
sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. The sagemaker.base_deserializers.NumpyDeserializer module before v2.218.0 allows potentially unsafe deserialization when untrusted data is passed as pickled object arrays. This consequently ma...
CVE-2024-34072 Deserialization of Untrusted Data in sagemaker-python-sdk
sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. The sagemaker.base_deserializers.NumpyDeserializer module before v2.218.0 allows potentially unsafe deserialization when untrusted data is passed as pickled object arrays. This consequently ma...
CVE-2024-34072
Summary (CVE-2024-34072): The sagemaker-python-sdk’s sagemaker.base_deserializers.NumpyDeserializer module before v2.218.0 is vulnerable to unsafe deserialization of untrusted pickled numpy object arrays. This can enable a local attacker to achieve remote code execution, denial of service, and i...
SageMaker Python SDK Security Vulnerability
SageMaker Python SDK is an open source library from Amazon Web Services, used for training and deploying machine learning models on Amazon SageMaker. A security vulnerability exists in the SageMaker Python SDK prior to version 2.218.0, which stems from a deserialization...