Lucene search
K

8 matches found

vulnersOsv
vulnersOsv
added 2026/05/21 5:56 p.m.6 views

amzn-nova-customization-sdk (>=1.0.29 <=1.0.72), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20231219) +19 more potentially affected by CVE-2026-8597 via sagemaker (>=2.199.0 <=2.254.1)

sagemaker PYPI version =2.199.0, =1.0.29, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =2.1.0, =2.0.0, =1.0.0, =1.0.0, =0.4.0, =0.7.3, =0.4.6, =0.4.0, =0.5.5 and more Source cves: CVE-2026-8597 Source advisory: SNYK:PYTHON-SAGEMAKER-16795363...

7.2CVSS5.4AI score0.0039EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/05/21 5:42 p.m.6 views

amzn-nova-customization-sdk (>=1.0.29 <=1.0.72), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20231219) +19 more potentially affected by CVE-2026-8596 via sagemaker (>=2.199.0 <=2.254.1)

sagemaker PYPI version =2.199.0, =1.0.29, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =2.1.0, =2.0.0, =1.0.0, =1.0.0, =0.4.0, =0.7.3, =0.4.6, =0.4.0, =0.5.5 and more Source cves: CVE-2026-8596 Source advisory: OSV:GHSA-7HH5-PRP2-MFH5...

8.5CVSS5.4AI score0.00439EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/02 11:33 p.m.6 views

amzn-nova-customization-sdk (>=1.0.29 <=1.0.72), anymodality (=0.1.0) +27 more potentially affected by CVE-2026-1777 via sagemaker (>=1.52.1 <=2.254.1)

sagemaker PYPI version =1.52.1, =1.0.29, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =0.2.8, =1.97.0.dev0, =2.0.0, =1.0.0, =1.0.0, =0.4.0, =0.7.3, =1.0.1 and more Source cves: CVE-2026-1777 Source advisory: OSV:GHSA-RJRP-M2JW-PV9C...

8.5CVSS5.8AI score0.00455EPSS
Exploits0
Snyk
Snyk
added 2026/02/02 11:33 p.m.1 views

Insertion of Sensitive Information Into Sent Data

Overview sagemaker is an Open source library for training and deploying models on Amazon SageMaker. Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data via the storage of HMAC keys and disclosure through the DescribeTrainingJob API. An attacker ca...

9.1CVSS6.1AI score0.00455EPSS
Exploits0References3
Veracode
Veracode
added 2025/03/28 10:50 a.m.18 views

MD5 Hash Collisions

sagemaker is vulnerable to MD5 Hash Collisions. The vulnerability is due to weak hashing in workflow identification due to the reuse of results from different configurations that produce the same MD5 hash, potentially leading to unintended workflow replacements and integrity issues...

5.9CVSS7AI score0.00247EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2025/03/20 12:32 p.m.7 views

Expected Behavior Violation

Overview sagemaker is an Open source library for training and deploying models on Amazon SageMaker. Affected versions of this package are vulnerable to Expected Behavior Violation via to the utilities.py component. An attacker can cause integrity problems within the pipeline, potentially leading ...

8.2CVSS7AI score0.00247EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.7 views

anymodality (=0.1.0), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20230929) +22 more potentially affected by CVE-2025-0508 via sagemaker (>=2.0.0 <=2.236.0)

sagemaker PYPI version =2.0.0, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =1.0.0, =1.97.0.dev0, =2.0.0, =1.0.0, =1.0.0, =0.7.3, =0.1.2, =0.0.9, =0.0.10 and more Source cves: CVE-2025-0508 Source advisory: SNYK:PYTHON-SAGEMAKER-9510926...

5.9CVSS6.2AI score0.00247EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.4 views

anymodality (=0.1.0), autogluon-cloud (>=0.1.1b20230324 <=0.2.1b20230929) +23 more potentially affected by CVE-2025-0508 via sagemaker (>=1.52.1 <=2.236.0)

sagemaker PYPI version =1.52.1, =0.1.1b20230324, =0.4.6, =0.1.0, =0.1.1, =0.9.0, =0.2.8, =1.97.0.dev0, =2.0.0, =1.0.0, =1.0.0, =0.7.3, =0.1.2, =0.4.6 - hydro-integrations =2.3.0.dev0 and more Source cves: CVE-2025-0508 Source advisory: OSV:GHSA-32G6-MG92-GHM2...

5.9CVSS6.2AI score0.00247EPSS
Exploits0
Rows per page
Query Builder