CVE-2024-34072 | Amazon sagemaker-python-sdk up to 2.217.x sagemaker.base_deserializers.NumpyDeserializer deserialization (GHSA-wjvx-jhpj-r54r)

Inserito da Angelo Barbosa | Mag 3, 2024 | CVE

A vulnerability, which was classified as very critical, was found in Amazon sagemaker-python-sdk up to 2.217.x. Affected is the function sagemaker.base_deserializers.NumpyDeserializer. The manipulation leads to deserialization.

This vulnerability is traded as CVE-2024-34072. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-34072 | Amazon sagemaker-python-sdk up to 2.217.x sagemaker.base_deserializers.NumpyDeserializer deserialization (GHSA-wjvx-jhpj-r54r)

Post correlati

CVE-2023-4465 | Poly CCX 400/CCX 600/Trio 8800/Trio C60 Configuration File Import device.auth.localAdminPassword unverified password change (MZ-23-01)

CVE-2023-7028 | GitHub Community Edition/Enterprise Edition up to 16.7.1 Password Reset unknown vulnerability

CVE-2024-24050 | SourceCodester Workout Journal App 1.0 /add-user.php firstname/lastname cross site scripting

CVE-2024-31201 | Plug&Track Thermoscan IP 20211103 ThermoscanIP_Scrutation Service C: unquoted search path