CVE-2025-54381
- EPSS 0.34%
- Veröffentlicht 29.07.2025 22:11:24
- Zuletzt bearbeitet 05.08.2025 15:41:26
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. In versions 1.4.0 until 1.4.19, the file upload processing system contains an SSRF vulnerability that allows unauthenticated remote attackers t...
CVE-2025-32375
- EPSS 51.17%
- Veröffentlicht 09.04.2025 15:30:03
- Zuletzt bearbeitet 22.04.2025 16:52:36
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.8, there was an insecure deserialization in BentoML's runner server. By setting specific headers and parameters in the POST reques...
CVE-2025-27520
- EPSS 65.22%
- Veröffentlicht 04.04.2025 14:28:51
- Zuletzt bearbeitet 27.06.2025 12:48:46
BentoML is a Python library for building online serving systems optimized for AI apps and model inference. A Remote Code Execution (RCE) vulnerability caused by insecure deserialization has been identified in the latest version (v1.4.2) of BentoML. I...