Vulnerability Details CVE-2024-24590
Deserialization of untrusted data can occur in versions 0.17.0 to 1.14.2 of the client SDK of Allegro AI’s ClearML platform, enabling a maliciously uploaded artifact to run arbitrary code on an end user’s system when interacted with.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.787
EPSS Ranking 99.0%
CVSS Severity
CVSS v3 Score 8.0
Products affected by CVE-2024-24590
- cpe:2.3:a:clear:clearml:0.17.0
- cpe:2.3:a:clear:clearml:1.14.1
- cpe:2.3:a:clear:clearml:1.14.2
- cpe:2.3:a:clear:clearml:1.4.0