CVEs-PoC/2024/CVE-2024-24590.md at 8e2ebbf9bd04edab52d0cbcbc6c2f6e2cfdaa67d

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-06-05 19:06:36 +02:00

Files

T

0xMarcio 3e58935392 Update CVE sources 2024-08-10 19:04

2024-08-10 19:04:30 +00:00

Description

Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with.

POC

Reference

No PoCs from references.

Github

https://github.com/OxyDeV2/ClearML-CVE-2024-24590
https://github.com/diegogarciayala/CVE-2024-24590-ClearML-RCE-CMD-POC
https://github.com/fkie-cad/nvd-json-data-feeds
https://github.com/nomi-sec/PoC-in-GitHub

911 B Raw Blame History Unescape Escape

CVE-2024-24590

Description

POC

Reference

Github

911 B

Raw Blame History