Deserialization of untrusted data can occur in versions 0.6 or newer of the skops python library, enabling a maliciously crafted model to run arbitrary code on an end user's system when loaded.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| skops(PyPI) | 0.6 | N/A | N/A |
CVSS Metrics
