CVE-2025-54886

Опубликовано: 08 авг. 2025

Источник: redhat

CVSS3: 6.8

EPSS Низкий

Описание

skops is a Python library which helps users share and ship their scikit-learn based models. In versions 0.12.0 and below, the Card.get_model does not contain any logic to prevent arbitrary code execution. The Card.get_model function supports both joblib and skops for model loading. When loading .skops models, it uses skops' secure loading with trusted type validation, raising errors for untrusted types unless explicitly allowed. However, when non-.zip file formats are provided, the function silently falls back to joblib without warning. Unlike skops, joblib allows arbitrary code execution during loading, bypassing security measures and potentially enabling malicious code execution. This issue is fixed in version 0.13.0.

A flaw was found in skops. The Card.get_model function allows arbitrary code execution due to a lack of input validation, allowing a local attacker to trigger this vulnerability. This issue occurs when processing a malicious job file, leading to potential arbitrary code execution on the affected system.

Отчет

The severity of this vulnerability is rated Moderate, as it does not impact system availability. The effects are confined to the application layer, without compromising the underlying system stability.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-502

https://bugzilla.redhat.com/show_bug.cgi?id=2387191skops: Skops: Joblib Model Loading Code Execution

EPSS

Процентиль: 41%

0.00189

Низкий

6.8 Medium

CVSS3

Связанные уязвимости

CVE-2025-54886

CVSS3: 8.4

nvd

4 месяца назад

GHSA-378x-6p4f-8jgm