Lucene search
K

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-2203

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.00618EPSS
Exploits1References3
OSV
OSV
added 2024/06/08 7:26 a.m.14 views

BIT-MLFLOW-2024-37055

Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.24.0 or newer, enabling a maliciously uploaded pmdarima model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS8.7AI score0.00618EPSS
Exploits1References2
OSV
OSV
added 2024/06/04 12:31 p.m.1 views

GHSA-X38X-G6GR-JQFF MLFlow unsafe deserialization

Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.24.0 or newer, enabling a maliciously uploaded pmdarima model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS6.1AI score0.00618EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2024/06/04 12:31 p.m.40 views

MLFlow unsafe deserialization

Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.24.0 or newer, enabling a maliciously uploaded pmdarima model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS8.8AI score0.00618EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/06/04 12:15 p.m.5 views

CVE-2024-37055

Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.24.0 or newer, enabling a maliciously uploaded pmdarima model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS7.5AI score0.00618EPSS
Exploits1References1
NVD
NVD
added 2024/06/04 12:15 p.m.23 views

CVE-2024-37055

Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.24.0 or newer, enabling a maliciously uploaded pmdarima model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS8.8AI score0.00618EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/06/04 12:0 p.m.27 views

CVE-2024-37055

Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.24.0 or newer, enabling a maliciously uploaded pmdarima model to run arbitrary code on an end user’s system when interacted with...

8.8CVSS8.8AI score0.00618EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/06/04 12:0 a.m.3 views

PT-2024-27270

Name of the Vulnerable Software and Affected Versions MLflow versions 1.24.0 and newer Description The issue allows deserialization of untrusted data, enabling a maliciously uploaded pmdarima model to run arbitrary code on an end user's system when interacted with. Recommendations For versions...

8.8CVSS7.5AI score0.00618EPSS
Exploits1References11
Rows per page
Query Builder