Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/bentoml@0.5.1
Typepypi
Namespace
Namebentoml
Version0.5.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-8fmm-wxbk-7qcb
vulnerability_id VCID-8fmm-wxbk-7qcb
summary BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.37, the `docker.system_packages` field in `bentofile.yaml` accepts arbitrary strings that are interpolated directly into Dockerfile `RUN` commands without sanitization. Since `system_packages` is semantically a list of OS package names (data), users do not expect values to be interpreted as shell commands. A malicious `bentofile.yaml` achieves arbitrary command execution during `bentoml containerize` / `docker build`. Version 1.4.37 fixes the issue.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-33744
reference_id
reference_type
scores
0
value 8e-05
scoring_system epss
scoring_elements 0.0082
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-33744
1
reference_url https://github.com/bentoml/BentoML
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bentoml/BentoML
2
reference_url https://github.com/bentoml/BentoML/security/advisories/GHSA-jfjg-vc52-wqvf
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-03-27T20:01:10Z/
url https://github.com/bentoml/BentoML/security/advisories/GHSA-jfjg-vc52-wqvf
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33744
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33744
4
reference_url https://github.com/advisories/GHSA-jfjg-vc52-wqvf
reference_id GHSA-jfjg-vc52-wqvf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jfjg-vc52-wqvf
fixed_packages
0
url pkg:pypi/bentoml@1.4.37
purl pkg:pypi/bentoml@1.4.37
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-fvk4-zxh6-kuhs
1
vulnerability VCID-urh1-515z-s3fg
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/bentoml@1.4.37
aliases CVE-2026-33744, GHSA-jfjg-vc52-wqvf, PYSEC-2026-157
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8fmm-wxbk-7qcb
1
url VCID-fvk4-zxh6-kuhs
vulnerability_id VCID-fvk4-zxh6-kuhs
summary BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.38, the cloud deployment path in src/bentoml/_internal/cloud/deployment.py was not included in the fix for CVE-2026-33744. Line 1648 interpolates system_packages directly into a shell command using an f-string without any quoting. The generated script is uploaded to BentoCloud as setup.sh and executed on the cloud build infrastructure during deployment, making this a remote code execution on the CI/CD tier. This vulnerability is fixed in 1.4.38.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35043
reference_id
reference_type
scores
0
value 0.00029
scoring_system epss
scoring_elements 0.08915
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35043
1
reference_url https://github.com/bentoml/BentoML
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bentoml/BentoML
2
reference_url https://github.com/bentoml/BentoML/security/advisories/GHSA-fgv4-6jr3-jgfw
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-07T14:09:04Z/
url https://github.com/bentoml/BentoML/security/advisories/GHSA-fgv4-6jr3-jgfw
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-33744
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-33744
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35043
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35043
5
reference_url https://github.com/advisories/GHSA-fgv4-6jr3-jgfw
reference_id GHSA-fgv4-6jr3-jgfw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fgv4-6jr3-jgfw
fixed_packages
0
url pkg:pypi/bentoml@1.4.38
purl pkg:pypi/bentoml@1.4.38
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d48j-9tqd-4yax
1
vulnerability VCID-v96v-q2ga-pkbb
2
vulnerability VCID-xs1q-xvga-kkhd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/bentoml@1.4.38
aliases CVE-2026-35043, GHSA-fgv4-6jr3-jgfw, PYSEC-2026-158
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fvk4-zxh6-kuhs
2
url VCID-urh1-515z-s3fg
vulnerability_id VCID-urh1-515z-s3fg
summary BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Prior to 1.4.38, the Dockerfile generation function generate_containerfile() in src/bentoml/_internal/container/generate.py uses an unsandboxed jinja2.Environment with the jinja2.ext.do extension to render user-provided dockerfile_template files. When a victim imports a malicious bento archive and runs bentoml containerize, attacker-controlled Jinja2 template code executes arbitrary Python directly on the host machine, bypassing all container isolation. This vulnerability is fixed in 1.4.38.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-35044
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06898
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-35044
1
reference_url https://github.com/bentoml/BentoML
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/bentoml/BentoML
2
reference_url https://github.com/bentoml/BentoML/security/advisories/GHSA-v959-cwq9-7hr6
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
2
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-06T18:49:50Z/
url https://github.com/bentoml/BentoML/security/advisories/GHSA-v959-cwq9-7hr6
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-35044
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-35044
4
reference_url https://github.com/advisories/GHSA-v959-cwq9-7hr6
reference_id GHSA-v959-cwq9-7hr6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v959-cwq9-7hr6
fixed_packages
0
url pkg:pypi/bentoml@1.4.38
purl pkg:pypi/bentoml@1.4.38
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d48j-9tqd-4yax
1
vulnerability VCID-v96v-q2ga-pkbb
2
vulnerability VCID-xs1q-xvga-kkhd
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/bentoml@1.4.38
aliases CVE-2026-35044, GHSA-v959-cwq9-7hr6, PYSEC-2026-159
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-urh1-515z-s3fg
Fixing_vulnerabilities
Risk_score4.3
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/bentoml@0.5.1