CVE-2024-34073 | Amazon sagemaker-python-sdk up to 2.214.2 os command injection (GHSA-7pc3-pr3q-58vg)

Inserito da Angelo Barbosa | Mag 3, 2024 | CVE

A vulnerability has been found in Amazon sagemaker-python-sdk up to 2.214.2 and classified as critical. Affected by this vulnerability is the function sagemaker.serve.save_retrive.version_1_0_0.save.utils. The manipulation leads to os command injection.

This vulnerability is known as CVE-2024-34073. The attack needs to be approached locally. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-34073 | Amazon sagemaker-python-sdk up to 2.214.2 os command injection (GHSA-7pc3-pr3q-58vg)

Post correlati

CVE-2024-49281 | NinjaTeam Click to Chat Plugin up to 2.3.3 on WordPress cross site scripting

CVE-2024-23946 | Apache OFBiz createRegister information exposure

CVE-2024-5774 | SourceCodester Stock Management System 1.0 Login index.php username/password sql injection

CVE-2023-38655 | Intel AMT/Standard Manageability unknown vulnerability (intel-sa-00999)