PT-2024-27272
Name of the Vulnerable Software and Affected Versions MLflow platform versions 2.0.0rc0 and newer Description The issue allows deserialization of untrusted data, enabling a maliciously uploaded Tensorflow model to run arbitrary code on an end user's system when interacted with. Recommendations Fo...