Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
geyang ml-logger Ping server.py log_handler deserialization
Vulnerability Description
A vulnerability was determined in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected is the function log_handler of the file ml_logger/server.py of the component Ping Handler. This manipulation of the argument data causes deserialization. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
可信数据的反序列化
Vulnerability Title
ML-Logger 安全漏洞
Vulnerability Description
ML-Logger是Ge Yang个人开发者的一个用于机器学习项目的记录器、服务器和可视化仪表板。 ML-Logger acf255bade5be6ad88d90735c8367b28cbe3a743及之前版本存在安全漏洞,该漏洞源于对文件ml_logger/server.py中组件Ping Handler的参数data的错误操作,可能导致反序列化攻击。
CVSS Information
N/A
Vulnerability Type
N/A