2 matches found
GHSA-5FPQ-3C9P-3R3W ShifuML shifu code injection vulnerability
A vulnerability has been found in ShifuML shifu 0.12.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file src/main/java/ml/shifu/shifu/core/DataPurifier.java of the component Java Expression Language Handler. The manipulation of the argument...
ml.shifu:shifu-tensorflow-eval (=0.12.0), ml.shifu:shifu-tensorflow-on-yarn (=0.12.0) potentially affected by CVE-2023-7148 via ml.shifu:shifu (=0.12.0)
ml.shifu:shifu MAVEN version =0.12.0 is affected by a known vulnerability. The following packages have a transitive dependency on ml.shifu:shifu and may be impacted: - ml.shifu:shifu-tensorflow-eval =0.12.0 - ml.shifu:shifu-tensorflow-on-yarn =0.12.0 Source cves: CVE-2023-7148 Source advisory:...