Количество 2
Количество 2
CVE-2024-37054
больше 1 года назад
Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.9.0 or newer, enabling a maliciously uploaded PyFunc model to run arbitrary code on an end user’s system when interacted with.
CVSS3: 8.8
EPSS: Низкий
GHSA-ghv6-9r9j-wh4j
больше 1 года назад
MLFlow unsafe deserialization
CVSS3: 8.8
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-37054 Deserialization of untrusted data can occur in versions of the MLflow platform running version 0.9.0 or newer, enabling a maliciously uploaded PyFunc model to run arbitrary code on an end user’s system when interacted with. | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
| GHSA-ghv6-9r9j-wh4j MLFlow unsafe deserialization | CVSS3: 8.8 | 0% Низкий | больше 1 года назад |
Уязвимостей на страницу
20