Seaw1Nd

**Name of the Vulnerable Software and Affected Versions** BentoML versions 1.0.0a1 through 1.4.7 **Description** The issue is related to an insecure deserialization in BentoML's runner server. By setting specific headers and parameters in the POST request, it is possible to execute any unauthorized arbitrary code on the server, which will grant the attackers initial access and information disclosure on the server. This can be achieved by exploiting the `Payload-Container` and `Payload-Meta` headers, allowing attackers to execute commands such as `curl` and potentially gain remote shell access to the server. **Recommendations** To resolve the issue, update to version 1.4.8, as this version fixes the insecure deserialization vulnerability in BentoML's runner server. As a temporary workaround, consider restricting access to the vulnerable `runner app.py` and `container.py` modules until a patch is available. Avoid using the `NdarrayContainer` and `PandasDataFrameContainer` classes in the `Payload-Container` header, as they can be exploited to execute arbitrary code. Restrict the use of the `pickle.loads()` function, which is used to deserialize payload data, to prevent the execution of malicious code.