8 matches found
amzn-nova-customization-sdk (>=1.0.29 <=1.0.72), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20231219) +19 more potentially affected by CVE-2026-8597 via sagemaker (>=2.199.0 <=2.254.1)
sagemaker PYPI version =2.199.0, =1.0.29, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =2.1.0, =2.0.0, =1.0.0, =1.0.0, =0.4.0, =0.7.3, =0.4.6, =0.4.0, =0.5.5 and more Source cves: CVE-2026-8597 Source advisory: SNYK:PYTHON-SAGEMAKER-16795363...
amzn-nova-customization-sdk (>=1.0.29 <=1.0.72), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20231219) +19 more potentially affected by CVE-2026-8596 via sagemaker (>=2.199.0 <=2.254.1)
sagemaker PYPI version =2.199.0, =1.0.29, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =2.1.0, =2.0.0, =1.0.0, =1.0.0, =0.4.0, =0.7.3, =0.4.6, =0.4.0, =0.5.5 and more Source cves: CVE-2026-8596 Source advisory: OSV:GHSA-7HH5-PRP2-MFH5...
amzn-nova-customization-sdk (>=1.0.29 <=1.0.72), anymodality (=0.1.0) +27 more potentially affected by CVE-2026-1777 via sagemaker (>=1.52.1 <=2.254.1)
sagemaker PYPI version =1.52.1, =1.0.29, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =0.2.8, =1.97.0.dev0, =2.0.0, =1.0.0, =1.0.0, =0.4.0, =0.7.3, =1.0.1 and more Source cves: CVE-2026-1777 Source advisory: OSV:GHSA-RJRP-M2JW-PV9C...
Insertion of Sensitive Information Into Sent Data
Overview sagemaker is an Open source library for training and deploying models on Amazon SageMaker. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the storage of HMAC keys and disclosure through the DescribeTrainingJob API. An attacker ca...
MD5 Hash Collisions
sagemaker is vulnerable to MD5 Hash Collisions. The vulnerability is due to weak hashing in workflow identification due to the reuse of results from different configurations that produce the same MD5 hash, potentially leading to unintended workflow replacements and integrity issues...
Expected Behavior Violation
Overview sagemaker is an Open source library for training and deploying models on Amazon SageMaker. Affected versions of this package are vulnerable to Expected Behavior Violation via to the utilities.py component. An attacker can cause integrity problems within the pipeline, potentially leading ...
anymodality (=0.1.0), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20230929) +22 more potentially affected by CVE-2025-0508 via sagemaker (>=2.0.0 <=2.236.0)
sagemaker PYPI version =2.0.0, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =1.0.0, =1.97.0.dev0, =2.0.0, =1.0.0, =1.0.0, =0.7.3, =0.1.2, =0.0.9, =0.0.10 and more Source cves: CVE-2025-0508 Source advisory: SNYK:PYTHON-SAGEMAKER-9510926...
anymodality (=0.1.0), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20230929) +23 more potentially affected by CVE-2025-0508 via sagemaker (>=1.52.1 <=2.236.0)
sagemaker PYPI version =1.52.1, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =0.2.8, =1.97.0.dev0, =2.0.0, =1.0.0, =1.0.0, =0.7.3, =0.1.2, =0.4.6 - hydro-integrations =2.3.0.dev0 and more Source cves: CVE-2025-0508 Source advisory: OSV:GHSA-32G6-MG92-GHM2...