CNNVD-202509-3979 Information

CNNVD ID

CNNVD-202509-3979

Related CVE

CVE-2025-10950

• CNNVD Published: 2025-09-25

Description (Chinese)

ML-Logger是Ge Yang个人开发者的一个用于机器学习项目的记录器、服务器和可视化仪表板。 ML-Logger acf255bade5be6ad88d90735c8367b28cbe3a743及之前版本存在安全漏洞，该漏洞源于对文件ml_logger/server.py中组件Ping Handler的参数data的错误操作，可能导致反序列化攻击。

Description (English)

ML-Logger is a recorder, server and visualizer for a machine learning project by Ge Yang Personal Developer. ML-Logger acf. 255bade5be6ad88d907385c8367b28cbe3a743 and previous versions have security loopholes stemming from errors in the operation of the parameter Data for component Ping Handler in document ml logger/server.py, which could lead to a back-serialized attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

LitexMedia

Published

2025-09-25

Last Modified

2026-02-24

References

https://github.com/geyang/ml-logger/issues/72 https://vuldb.com/?ctiid.325820 https://vuldb.com/?id.325820 https://vuldb.com/?submit.652461