A vulnerability, which was classified as very critical, was found in Amazon sagemaker-python-sdk up to 2.217.x. Affected is the function
sagemaker.base_deserializers.NumpyDeserializer
. The manipulation leads to deserialization.
This vulnerability is traded as CVE-2024-34072. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.