Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/bentoml@1.3.0a3
Typepypi
Namespace
Namebentoml
Version1.3.0a3
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-8fmm-wxbk-7qcb
vulnerability_id VCID-8fmm-wxbk-7qcb
summary BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.37, the `docker.system_packages` field in `bentofile.yaml` accepts arbitrary strings that are interpolated directly into Dockerfile `RUN` commands without sanitization. Since `system_packages` is semantically a list of OS package names (data), users do not expect values to be interpreted as shell commands. A malicious `bentofile.yaml` achieves arbitrary command execution during `bentoml containerize` / `docker build`. Version 1.4.37 fixes the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33744
reference_id
reference_type
scores
0
value 8e-05
scoring_system epss
scoring_elements 0.0082
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33744
1
reference_url https://github.com/bentoml/BentoML
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bentoml/BentoML
2
reference_url https://github.com/bentoml/BentoML/security/advisories/GHSA-jfjg-vc52-wqvf
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-27T20:01:10Z/
url https://github.com/bentoml/BentoML/security/advisories/GHSA-jfjg-vc52-wqvf
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33744
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33744
4
reference_url https://github.com/advisories/GHSA-jfjg-vc52-wqvf
reference_id GHSA-jfjg-vc52-wqvf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jfjg-vc52-wqvf
fixed_packages
0
url pkg:pypi/bentoml@1.4.37
purl pkg:pypi/bentoml@1.4.37
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fvk4-zxh6-kuhs
1
vulnerability VCID-urh1-515z-s3fg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/bentoml@1.4.37
aliases CVE-2026-33744, GHSA-jfjg-vc52-wqvf, PYSEC-2026-157
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8fmm-wxbk-7qcb
1
url VCID-fvk4-zxh6-kuhs
vulnerability_id VCID-fvk4-zxh6-kuhs
summary BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.38, the cloud deployment path in src/bentoml/_internal/cloud/deployment.py was not included in the fix for CVE-2026-33744. Line 1648 interpolates system_packages directly into a shell command using an f-string without any quoting. The generated script is uploaded to BentoCloud as setup.sh and executed on the cloud build infrastructure during deployment, making this a remote code execution on the CI/CD tier. This vulnerability is fixed in 1.4.38.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35043
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08915
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35043
1
reference_url https://github.com/bentoml/BentoML
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bentoml/BentoML
2
reference_url https://github.com/bentoml/BentoML/security/advisories/GHSA-fgv4-6jr3-jgfw
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-07T14:09:04Z/
url https://github.com/bentoml/BentoML/security/advisories/GHSA-fgv4-6jr3-jgfw
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33744
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33744
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35043
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35043
5
reference_url https://github.com/advisories/GHSA-fgv4-6jr3-jgfw
reference_id GHSA-fgv4-6jr3-jgfw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fgv4-6jr3-jgfw
fixed_packages
0
url pkg:pypi/bentoml@1.4.38
purl pkg:pypi/bentoml@1.4.38
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d48j-9tqd-4yax
1
vulnerability VCID-v96v-q2ga-pkbb
2
vulnerability VCID-xs1q-xvga-kkhd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/bentoml@1.4.38
aliases CVE-2026-35043, GHSA-fgv4-6jr3-jgfw, PYSEC-2026-158
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fvk4-zxh6-kuhs
2
url VCID-ha3w-dtg7-4fbq
vulnerability_id VCID-ha3w-dtg7-4fbq
summary BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.8, there was an insecure deserialization in BentoML's runner server. By setting specific headers and parameters in the POST request, it is possible to execute any unauthorized arbitrary code on the server, which will grant the attackers to have the initial access and information disclosure on the server. This vulnerability is fixed in 1.4.8.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-32375
reference_id
reference_type
scores
0
value 0.65238
scoring_system epss
scoring_elements 0.98501
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-32375
1
reference_url https://github.com/bentoml/BentoML
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/bentoml/BentoML
2
reference_url https://github.com/bentoml/BentoML/security/advisories/GHSA-7v4r-c989-xh26
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-09T15:40:47Z/
url https://github.com/bentoml/BentoML/security/advisories/GHSA-7v4r-c989-xh26
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/bentoml/PYSEC-2025-32.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/bentoml/PYSEC-2025-32.yaml
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-32375
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-32375
5
reference_url https://github.com/advisories/GHSA-7v4r-c989-xh26
reference_id GHSA-7v4r-c989-xh26
reference_type
scores
url https://github.com/advisories/GHSA-7v4r-c989-xh26
fixed_packages
0
url pkg:pypi/bentoml@1.4.8
purl pkg:pypi/bentoml@1.4.8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8fmm-wxbk-7qcb
1
vulnerability VCID-fvk4-zxh6-kuhs
2
vulnerability VCID-urh1-515z-s3fg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/bentoml@1.4.8
aliases CVE-2025-32375, GHSA-7v4r-c989-xh26, PYSEC-2025-32
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ha3w-dtg7-4fbq
3
url VCID-urh1-515z-s3fg
vulnerability_id VCID-urh1-515z-s3fg
summary BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.38, the Dockerfile generation function generate_containerfile() in src/bentoml/_internal/container/generate.py uses an unsandboxed jinja2.Environment with the jinja2.ext.do extension to render user-provided dockerfile_template files. When a victim imports a malicious bento archive and runs bentoml containerize, attacker-controlled Jinja2 template code executes arbitrary Python directly on the host machine, bypassing all container isolation. This vulnerability is fixed in 1.4.38.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35044
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06898
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35044
1
reference_url https://github.com/bentoml/BentoML
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bentoml/BentoML
2
reference_url https://github.com/bentoml/BentoML/security/advisories/GHSA-v959-cwq9-7hr6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-06T18:49:50Z/
url https://github.com/bentoml/BentoML/security/advisories/GHSA-v959-cwq9-7hr6
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35044
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35044
4
reference_url https://github.com/advisories/GHSA-v959-cwq9-7hr6
reference_id GHSA-v959-cwq9-7hr6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v959-cwq9-7hr6
fixed_packages
0
url pkg:pypi/bentoml@1.4.38
purl pkg:pypi/bentoml@1.4.38
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d48j-9tqd-4yax
1
vulnerability VCID-v96v-q2ga-pkbb
2
vulnerability VCID-xs1q-xvga-kkhd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/bentoml@1.4.38
aliases CVE-2026-35044, GHSA-v959-cwq9-7hr6, PYSEC-2026-159
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-urh1-515z-s3fg
Fixing_vulnerabilities
Risk_score4.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/bentoml@1.3.0a3