Lucene search
China National Vulnerability DatabaseCNVD-2021-71256HistorySep 14, 2021 - 12:00 a.m.
parlai code issue vulnerability
2021-09-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
parlai
ai models
code issue
vulnerability
insecure loading package
yaml deserialization attacks
arbitrary code execution
cnvd
EPSS
0.002
Percentile
56.8%
parlai is used to train and evaluate AI models on a variety of publicly available conversational datasets. parlai suffers from a code issue vulnerability that stems from an insecure loading package that is vulnerable to YAML deserialization attacks in the affected version. An attacker could exploit this vulnerability to cause arbitrary code execution.
Related
prion
prion
Deserialization of untrusted data
2021-09-10 23:15:00
github
github
Deserialization of Untrusted Data in parlai
2021-09-13 20:05:39
cvelist
cvelist
CVE-2021-39207 Deserialization of Untrusted Data in parlai
2021-09-10 22:20:09
nvd
nvd
CVE-2021-39207
2021-09-10 23:15:07
cve
cve
CVE-2021-39207
2021-09-10 23:15:07
osv
osv