Lucene search
+L

46 matches found

Positive Technologies
Positive Technologies
added 2025/07/25 12:0 a.m.12 views

PT-2025-30943

Vulnerability Summary Name of the Vulnerable Software and Affected Versions skops versions 0.11.0 and below Description skops is a Python library used for sharing and shipping scikit-learn based models. An inconsistency in the OperatorFuncNode allows exploitation to hide the execution of untruste...

8.7CVSS6.6AI score0.00137EPSS
Exploits0References15
Veracode
Veracode
added 2024/06/10 10:6 a.m.15 views

Unsafe Deserialization

skops is vulnerable to Unsafe Deserialization. This vulnerability is due to insufficient validation during model deserialization, which can result in arbitrary code execution when a user loads a maliciously crafted model...

7.8CVSS7.5AI score0.00239EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2024/06/04 12:31 p.m.12 views

GHSA-Q49C-6V6G-WGQ3 Skops unsafe deserialization

Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when loaded...

7.8CVSS7.7AI score0.00239EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2024/06/04 12:31 p.m.21 views

Skops unsafe deserialization

Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when loaded...

7.8CVSS7.7AI score0.00239EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/04 12:3 p.m.11 views

CVE-2024-37065

Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when loaded...

7.8CVSS7.2AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/04 12:3 p.m.26 views

CVE-2024-37065

Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when loaded...

7.8CVSS7.7AI score0.00239EPSS
Exploits0References1
Rows per page
Query Builder