Sockeye is vulnerable to remote code execution. Model configuration files are loaded with an insecure YAML loader, which allows an attacker to execute arbitrary code embedded in a config file.
github.com/awslabs/sockeye/commit/2d458b2a2a4b05b3437a1895209675969bf6befd#diff-fb3bb9c88a463d7f5b801e036af8287f1d99c433e1183087729c67ccc09bfdddR37
github.com/awslabs/sockeye/commit/35dd717a80ae1f04128d79bd0bcf340e2e9d1427
github.com/awslabs/sockeye/pull/964
github.com/awslabs/sockeye/releases/tag/2.3.24
github.com/awslabs/sockeye/security/advisories/GHSA-ggmr-44cv-24pm
huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9