Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks

Share:

Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution.

The vulnerabilities, discovered by JFrog, are part of a broader collection of 22 security shortcomings the supply chain security company first disclosed last month.

Unlike the first set that involved flaws on the server-side, the newly detailed ones allow exploitation of ML clients and reside in libraries that handle safe model formats like Safetensors.

“Hijacking an ML client in an organization can allow the attackers to perform extensive lateral movement within the organization,” the company said. “An ML client is very likely to have access to important ML services such as ML Model Registries or MLOps Pipelines.”

This, in turn, could expose sensitive information such as model registry credentials, effectively permitting a malicious actor to backdoor stored ML models or achieve code execution.

The list of vulnerabilities is below –

  • CVE-2024-27132 (CVSS score: 7.2) – An insufficient sanitization issue in MLflow that leads to a cross-site scripting (XSS) attack when running an untrusted recipe in a Jupyter Notebook, ultimately resulting in client-side remote code execution (RCE)
  • CVE-2024-6960 (CVSS score: 7.5) – An unsafe deserialization issue in H20 when importing an untrusted ML model, potentially resulting in RCE
  • A path traversal issue in PyTorch’s TorchScript feature that could result in denial-of-service (DoS) or code execution due to arbitrary file overwrite, which could then be used to overwrite critical system files or a legitimate pickle file (No CVE identifier)
  • CVE-2023-5245 (CVSS score: 7.5) – A path traversal issue in MLeap when loading a saved model in zipped format can lead to a Zip Slip vulnerability, resulting in arbitrary file overwrite and potential code execution

JFrog noted that ML models shouldn’t be blindly loaded even in cases where they are loaded from a safe type, such as Safetensors, as they have the capability to achieve arbitrary code execution.

“AI and Machine Learning (ML) tools hold immense potential for innovation, but can also open the door for attackers to cause widespread damage to any organization,” Shachar Menashe, JFrog’s VP of Security Research, said in a statement.

“To safeguard against these threats, it’s important to know which models you’re using and never load untrusted ML models even from a ‘safe’ ML repository. Doing so can lead to remote code execution in some scenarios, causing extensive harm to your organization.”

Source

Leave a Comment

Your email address will not be published. Required fields are marked *

loader-image
London, GB
4:10 am, Jul 11, 2025
weather icon 18°C
L: 16° | H: 19°
scattered clouds
Humidity: 80 %
Pressure: 1021 mb
Wind: 5 mph E
Wind Gust: 0 mph
UV Index: 0
Precipitation: 0 mm
Clouds: 45%
Rain Chance: 0%
Visibility: 10 km
Sunrise: 4:56 am
Sunset: 9:15 pm
DailyHourly
Daily ForecastHourly Forecast
Today 10:00 pm
weather icon
16° | 19°°C 0 mm 0% 8 mph 76 % 1021 mb 0 mm/h
Tomorrow 10:00 pm
weather icon
19° | 30°°C 0 mm 0% 10 mph 66 % 1019 mb 0 mm/h
Sun Jul 13 10:00 pm
weather icon
18° | 30°°C 0 mm 0% 7 mph 71 % 1015 mb 0 mm/h
Mon Jul 14 10:00 pm
weather icon
18° | 28°°C 1 mm 100% 15 mph 84 % 1016 mb 0 mm/h
Tue Jul 15 10:00 pm
weather icon
14° | 20°°C 1 mm 100% 14 mph 81 % 1017 mb 0 mm/h
Today 7:00 am
weather icon
18° | 19°°C 0 mm 0% 2 mph 76 % 1021 mb 0 mm/h
Today 10:00 am
weather icon
24° | 27°°C 0 mm 0% 2 mph 57 % 1021 mb 0 mm/h
Today 1:00 pm
weather icon
30° | 30°°C 0 mm 0% 3 mph 32 % 1020 mb 0 mm/h
Today 4:00 pm
weather icon
32° | 32°°C 0 mm 0% 4 mph 26 % 1018 mb 0 mm/h
Today 7:00 pm
weather icon
30° | 30°°C 0 mm 0% 6 mph 29 % 1017 mb 0 mm/h
Today 10:00 pm
weather icon
23° | 23°°C 0 mm 0% 8 mph 49 % 1019 mb 0 mm/h
Tomorrow 1:00 am
weather icon
21° | 21°°C 0 mm 0% 5 mph 57 % 1019 mb 0 mm/h
Tomorrow 4:00 am
weather icon
19° | 19°°C 0 mm 0% 5 mph 66 % 1018 mb 0 mm/h
Name Price24H (%)
Bitcoin(BTC)
€99,711.92
4.88%
Ethereum(ETH)
€2,534.30
6.46%
Tether(USDT)
€0.85
-0.01%
XRP(XRP)
€2.21
6.74%
Solana(SOL)
€140.98
4.20%
USDC(USDC)
€0.85
-0.01%
Dogecoin(DOGE)
€0.169861
9.70%
Shiba Inu(SHIB)
€0.000012
9.28%
Pepe(PEPE)
€0.000011
15.02%
Peanut the Squirrel(PNUT)
€0.248685
22.27%
Scroll to Top