Feast
Monthly
Remote code execution in Feast (the open-source ML feature store) before 0.63.0 lets remote attackers run OS commands as the feast service account by sending a crafted ApplyFeatureView gRPC request to the registry server. The registry base64-decodes the user_defined_function.body field of an OnDemandFeatureView and passes it to dill.loads() before any authorization check, so no credentials are required. A publicly available exploit code exists (reported by VulnCheck via huntr) and a vendor patch is available, though the flaw is not listed in CISA KEV.
Remote code execution in Feast (the open-source ML feature store) before 0.63.0 lets remote attackers run OS commands as the feast service account by sending a crafted ApplyFeatureView gRPC request to the registry server. The registry base64-decodes the user_defined_function.body field of an OnDemandFeatureView and passes it to dill.loads() before any authorization check, so no credentials are required. A publicly available exploit code exists (reported by VulnCheck via huntr) and a vendor patch is available, though the flaw is not listed in CISA KEV.