Get a Pentest and security assessment of your IT network.

News

Google’s TensorFlow drops YAML support due to code execution flaw

TensorFlow, a Python-based machine learning and artificial intelligence project developed by Google, has dropped support for YAML, to patch a critical code execution vulnerability. The critical flaw enables attackers to execute arbitrary code when an application deserializes a Keras model provided in the YAMl format. The “yaml.unsafe_load() function is known to deserialize data rather liberallyit resolves all tags, “even those known to be unsafe on untrusted input” The fix for CVE-2021-37678 is expected to arrive in version 2.6.0.”]

Source: https://www.bleepingcomputer.com/news/security/googles-tensorflow-drops-yaml-support-due-to-code-execution-flaw/

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Who and why is attacking companies in the Nordic Countries?

News

Shamoon Malware, cyber espionage tool, cyber weapon or