Get a Pentest and security assessment of your IT network.

News

Google’s TensorFlow drops YAML support due to code execution flaw

TensorFlow, a Python-based machine learning and artificial intelligence project developed by Google, has dropped support for YAML, to patch a critical code execution vulnerability. The critical flaw enables attackers to execute arbitrary code when an application deserializes a Keras model provided in the YAMl format. The “yaml.unsafe_load() function is known to deserialize data rather liberallyit resolves all tags, “even those known to be unsafe on untrusted input” The fix for CVE-2021-37678 is expected to arrive in version 2.6.0.”]

Source: https://www.bleepingcomputer.com/news/security/googles-tensorflow-drops-yaml-support-due-to-code-execution-flaw/

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

SEA has stolen invoices that shows Microsoft charges FBI for user data

News

Greek police arrested a man running the BTC-e Bitcoin exchange to launder more than US$4bn worth of the Bitcoin