bentoml — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting bentoml. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-35044 | BentoML has a Server-Side Template Injection via unsandboxed Jinja2 Environment in Dockerfile generation — BentoML (CWE-1336) | 8.8 | High | 2026-04-06 |
| CVE-2026-35043 | BentoML: command injection in cloud deployment setup script (deployment.py) — BentoML (CWE-78) | 7.8 | High | 2026-04-06 |
| CVE-2026-33744 | BentoML has Dockerfile Command Injection via system_packages in bentofile.yaml — BentoML (CWE-94) | 7.8 | High | 2026-03-27 |
| CVE-2026-27905 | BentoML has an Arbitrary File Write via Symlink Path Traversal in Tar Extraction — BentoML (CWE-59) | 7.4 (AI) | High (AI) | 2026-03-03 |
| CVE-2026-24123 | BentoML has a Path Traversal via Bentofile Configuration — BentoML (CWE-22) | 7.4 | High | 2026-01-26 |
| CVE-2025-54381 | BentoML is Vulnerable to an SSRF Attack Through File Upload Processing — BentoML (CWE-918) | 9.9 | Critical | 2025-07-29 |
| CVE-2025-32375 | Insecure Deserialization leads to RCE in BentoML's runner server — BentoML (CWE-502) | 9.8 | Critical | 2025-04-09 |
| CVE-2025-27520 | BentoML Allows Remote Code Execution (RCE) via Insecure Deserialization — BentoML (CWE-502) | 9.8 | Critical | 2025-04-04 |
| CVE-2024-8982 | Local File Inclusion in bentoml/openllm — bentoml/openllm (CWE-29) | 9.8 | - | 2025-03-20 |
| CVE-2024-9070 | Deserialization Vulnerability in BentoML's Runner Server in bentoml/bentoml — bentoml/bentoml (CWE-502) | 9.8 | - | 2025-03-20 |
| CVE-2024-9056 | Denial of Service in bentoml/bentoml — bentoml/bentoml (CWE-770) | 7.5 | - | 2025-03-20 |
| CVE-2024-2912 | Insecure Deserialization Leading to RCE in bentoml/bentoml — bentoml/bentoml (CWE-1188) | 10.0 | Critical | 2024-04-16 |

This page lists every published CVE security advisory associated with bentoml. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.