Vulnerabilidades em bentoml
15 resultadosCVE-2025-32375CRITICALInsecure Deserialization leads to RCE in BentoML's runner serverEPSS 43.8%CVE-2025-27520CRITICALBentoML Allows Remote Code Execution (RCE) via Insecure DeserializationEPSS 43.7%CVE-2025-54381CRITICALBentoML is Vulnerable to an SSRF Attack Through File Upload ProcessingEPSS 11.1%CVE-2024-2912CRITICALInsecure Deserialization Leading to RCE in bentoml/bentomlEPSS 1.5%CVE-2024-9070CRITICALDeserialization Vulnerability in BentoML's Runner Server in bentoml/bentomlEPSS 0.8%CVE-2024-8982MEDIUMLocal File Inclusion in bentoml/openllmEPSS 0.7%CVE-2024-9056HIGHDenial of Service in bentoml/bentomlEPSS 0.7%CVE-2026-24123HIGHBentoML has a Path Traversal via Bentofile ConfigurationEPSS 0.4%CVE-2026-35044HIGHBentoML has a Server-Side Template Injection via unsandboxed Jinja2 Environment in Dockerfile generationEPSS 0.4%CVE-2026-44346HIGHBentoML: Dockerfile command injection via envs[*].name in bentofile.yamlEPSS 0.3%CVE-2026-44345HIGHBentoML: Dockerfile command injection via docker.base_imageEPSS 0.3%CVE-2026-35043HIGHBentoML: command injection in cloud deployment setup script (deployment.py)EPSS 0.3%CVE-2026-40610MEDIUMBentoML has Information Disclosure in `bentoml build` via symlink traversal in the build contextEPSS 0.3%CVE-2026-27905HIGHBentoML has an Arbitrary File Write via Symlink Path Traversal in Tar ExtractionEPSS 0.3%CVE-2026-33744HIGHBentoML has Dockerfile Command Injection via system_packages in bentofile.yamlEPSS 0.3%