PT-2024-27270
Name of the Vulnerable Software and Affected Versions MLflow versions 1.24.0 and newer Description The issue allows deserialization of untrusted data, enabling a maliciously uploaded pmdarima model to run arbitrary code on an end user's system when interacted with. Recommendations For versions...