{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T20:20:26.078","vulnerabilities":[{"cve":{"id":"CVE-2026-24123","sourceIdentifier":"security-advisories@github.com","published":"2026-01-26T23:16:08.460","lastModified":"2026-06-17T10:22:39.940","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to version 1.4.34, BentoML's `bentofile.yaml` configuration allows path traversal attacks through multiple file path fields (`description`, `docker.setup_script`, `docker.dockerfile_template`, `conda.environment_yml`). An attacker can craft a malicious bentofile that, when built by a victim, exfiltrates arbitrary files from the filesystem into the bento archive. This enables supply chain attacks where sensitive files (SSH keys, credentials, environment variables) are silently embedded in bentos and exposed when pushed to registries or deployed. Version 1.4.34 contains a patch for the issue."},{"lang":"es","value":"BentoML es una librería de Python para construir sistemas de servicio en línea optimizados para aplicaciones de IA e inferencia de modelos. Antes de la versión 1.4.34, la configuración `bentofile.yaml` de BentoML permite ataques de salto de ruta a través de múltiples campos de ruta de archivo (`description`, `docker.setup_script`, `docker.dockerfile_template`, `conda.environment_yml`). Un atacante puede crear un bentofile malicioso que, cuando es construido por una víctima, exfiltra archivos arbitrarios del sistema de archivos al archivo bento. Esto permite ataques a la cadena de suministro donde archivos sensibles (claves SSH, credenciales, variables de entorno) son incrustados silenciosamente en los bentos y expuestos cuando se suben a registros o se despliegan. La versión 1.4.34 contiene un parche para el problema."}],"affected":[{"source":"security-advisories@github.com","affectedData":[{"vendor":"bentoml","product":"BentoML","versions":[{"version":"< 1.4.34","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N","baseScore":7.4,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-01-27T21:36:54.247534Z","id":"CVE-2026-24123","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:bentoml:bentoml:*:*:*:*:*:*:*:*","versionEndExcluding":"1.4.34","matchCriteriaId":"DE676E6B-09BB-4BB5-839C-CDA683332ADC"}]}]}],"references":[{"url":"https://github.com/bentoml/BentoML/commit/84d08cfeb40c5f2ce71b3d3444bbaa0fb16b5ca4","source":"security-advisories@github.com","tags":["Patch"]},{"url":"https://github.com/bentoml/BentoML/releases/tag/v1.4.34","source":"security-advisories@github.com","tags":["Product","Release Notes"]},{"url":"https://github.com/bentoml/BentoML/security/advisories/GHSA-6r62-w2q3-48hf","source":"security-advisories@github.com","tags":["Vendor Advisory"]}]}}]}