PT-2025-32333 · Skops · Skops
Io-No
·
Published
2025-08-07
·
Updated
2025-08-13
·
CVE-2025-54886
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
skops versions 0.12.0 and below
skops versions prior to 0.13.0
Description
The
Card.get model function in skops allows for arbitrary code execution when loading models. This occurs because the function supports both joblib and skops for model loading. When loading non-.zip file formats, it silently falls back to joblib without warning, which allows arbitrary code execution during loading, bypassing security measures. This behavior is in contrast to skops, which enforces trusted type validation and raises errors for untrusted types.Recommendations
skops versions 0.12.0 and below: Upgrade to version 0.13.0 or later to resolve this issue.
Exploit
Fix
RCE
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Skops