Lucene search
K

4 matches found

Veracode
Veracode
added 2026/05/23 5:55 a.m.5 views

Improper Integrity Verification

Amazon SageMaker Python SDK is vulnerable to improper integrity verification. The vulnerability is due to missing integrity verification in the Triton inference handler, which allows an authenticated attacker with S3 write access to replace model artifacts with a specially crafted pickle payload...

7.2CVSS6.5AI score0.0039EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/21 5:56 p.m.8 views

GHSA-RQ6V-X3J8-7QGF Amazon SageMaker Python SDK is missing integrity verification in its Triton inference handler

Summary Amazon SageMaker Python SDK is an open-source library for training and deploying machine learning models on Amazon SageMaker. An issue exists where, under certain circumstances, the Triton inference handler deserializes model artifacts without performing integrity verification, allowing...

7.2CVSS6.5AI score0.0039EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/20 12:0 a.m.5 views

PT-2026-26758

Name of the Vulnerable Software and Affected Versions MinIO versions prior to RELEASE.2026-03-17T21-25-16Z Description The MinIO AIStor Security Token Service STS AssumeRoleWithLDAPIdentity endpoint is susceptible to LDAP credential brute-forcing. This is due to a combination of distinguishable...

10CVSS5.8AI score0.03256EPSS
Exploits67References151
Github Security Blog
Github Security Blog
added 2026/02/02 11:33 p.m.17 views

SageMaker Python SDK has Exposed HMAC

Summary SageMaker Python SDK is an open source library for training and deploying machine learning models on Amazon SageMaker. An issue where the HMAC secret key is stored in environment variables and disclosed via the DescribeTrainingJob API has been identified. Impact - Function and Payload...

8.5CVSS6.5AI score0.00455EPSS
Exploits0References8Affected Software1
Rows per page
Query Builder