CVE-2025-54886
BaseFortify
Publication date: 2025-08-08
Last updated on: 2025-08-08
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| skops | skops | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-502 | The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid. |
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability exists in the skops Python library versions 0.12.0 and below, specifically in the Card.get_model function. This function is intended to load machine learning models securely using skops' trusted type validation for .skops files. However, when loading models in non-.zip formats, the function silently falls back to using joblib, which does not have these security checks and allows arbitrary code execution. This means an attacker could exploit this fallback to execute malicious code during model loading.
How can this vulnerability impact me?
This vulnerability can lead to arbitrary code execution on the system where the vulnerable skops library is used. An attacker could craft a malicious model file in a non-.zip format that, when loaded by the vulnerable Card.get_model function, executes harmful code. This could compromise the confidentiality, integrity, and availability of the affected system.
What immediate steps should I take to mitigate this vulnerability?
Upgrade the skops library to version 0.13.0 or later, as this version fixes the vulnerability by properly handling model loading and preventing arbitrary code execution.
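A pre-load gate for the fallback described above, as an added example that is not skops code or part of the advisory: it classifies a model file by its bytes rather than its extension, refuses anything that is not a zip archive, and flags installed versions older than 0.13.0. All function names are hypothetical, the sample files are constructed, and requiring the zip magic at offset 0 is an assumption about how legitimate archives are written.

```python
import io
import pickle
import re
import zipfile
from pathlib import Path

FIXED_VERSION = (0, 13, 0)         # first fixed skops release named above
ZIP_LOCAL_HEADER = b"PK\x03\x04"   # first bytes of a non-empty zip archive


def version_is_vulnerable(version):
    """True if a skops version string is older than 0.13.0."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", version)
    if m is None:
        return True                # fail closed on an unparseable version
    return tuple(int(g or 0) for g in m.groups()) < FIXED_VERSION


def classify_model_file(path):
    """Classify by content, never by extension: 'zip', 'pickle' or 'unknown'."""
    with open(path, "rb") as fh:
        head = fh.read(4)
    # Require the zip magic at offset 0 as well: is_zipfile() alone can accept
    # a pickle with a zip appended, because it searches for the end record.
    if head == ZIP_LOCAL_HEADER and zipfile.is_zipfile(path):
        return "zip"
    if len(head) >= 2 and head[0] == 0x80 and 2 <= head[1] <= 5:
        return "pickle"            # pickle protocol 2-5 header (heuristic)
    return "unknown"


def require_zip_model(path):
    """Gate to call before any model-loading API; raises on non-zip input."""
    kind = classify_model_file(path)
    if kind != "zip":
        raise ValueError(f"{path}: {kind} content, refusing to load")
    return Path(path)


def build_constructed_samples(directory):
    """Write three constructed files that all carry a .skops extension."""
    directory = Path(directory)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("constructed.txt", "placeholder member")
    pickled = pickle.dumps({"constructed": True}, protocol=4)
    samples = {"archive.skops": buf.getvalue(),
               "renamed_pickle.skops": pickled,
               "polyglot.skops": pickled + buf.getvalue()}
    for name, data in samples.items():
        (directory / name).write_bytes(data)
    return {name: directory / name for name in samples}
```

The gate narrows what reaches the loader on systems that cannot be upgraded immediately; it does not replace the upgrade to 0.13.0.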