Bug 2383606 (CVE-2025-54413) - CVE-2025-54413 skops: Skops: Arbitrary Code Execution via MethodNode
Summary: CVE-2025-54413 skops: Skops: Arbitrary Code Execution via MethodNode
Keywords:
Status: NEW
Alias: CVE-2025-54413
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Severity: high
Priority: high
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
 
Reported: 2025-07-26 04:01 UTC by OSIDB Bzimport
Modified: 2025-07-31 14:07 UTC (History)
CC List: 2 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2025-07-26 04:01:53 UTC
skops is a Python library that helps users share and ship their scikit-learn based models. Versions 0.11.0 and below contain an inconsistency in MethodNode that can be exploited to access unexpected object fields through dot notation, which can be used to achieve arbitrary code execution at load time. While this issue may seem similar to GHSA-m7f4-hrc6-fwg3, it is more severe, as it relies on fewer assumptions about trusted types. This is fixed in version 0.12.0.
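The description above states the mechanism only at a high level: a load-time node that resolves a dotted path from an object the loader considers trusted. The block below is an added illustration written for this page; it is not skops source, does not reproduce the skops MethodNode internals, and contains no skops exploit. It models the generic pattern (a loader that checks the root of "a.b.c" and then walks the rest with getattr) beside a hardened resolver, and adds a version gate for the fixed release named in the advisory. TRUSTED_ROOTS, ALLOWED_PATHS, resolve_unchecked, resolve_checked, is_rejected, classes_exposed_by and skops_version_is_fixed are this example's own names.

```python
"""Toy model of dotted-path field access in a model loader.

Added illustration only: this is not skops source and does not reproduce the
skops MethodNode internals. It models the generic pattern behind the advisory:
a loader that trusts a root object and then resolves "a.b.c" with getattr.
All names here (TRUSTED_ROOTS, ALLOWED_PATHS, resolve_unchecked,
resolve_checked, is_rejected, classes_exposed_by, skops_version_is_fixed)
are this example's own, not skops identifiers.
"""
import operator
import re
from typing import Any

# Assumed loader policy: only these roots may start a dotted path. Both are
# ordinary builtins that a "trusted types" list would plausibly contain.
TRUSTED_ROOTS: dict[str, Any] = {"operator": operator, "str": str}

# Assumed allowlist for the hardened resolver: complete dotted paths.
ALLOWED_PATHS = {"operator.itemgetter", "operator.attrgetter", "str.upper"}

# Release named in the advisory as carrying the fix.
FIXED_SKOPS_VERSION = (0, 12, 0)


def resolve_unchecked(path: str) -> Any:
    """Vulnerable pattern: check the root, then getattr blindly through the rest.

    Every attribute reachable from a trusted root is reachable to whoever wrote
    the file, including dunders that climb into the class hierarchy.
    """
    root_name, *segments = path.split(".")
    obj = TRUSTED_ROOTS[root_name]       # the root is validated ...
    for segment in segments:
        obj = getattr(obj, segment)      # ... the rest of the walk is not
    return obj


def resolve_checked(path: str) -> Any:
    """Hardened pattern: validate every segment and the full path, not just the root."""
    root_name, *segments = path.split(".")
    if root_name not in TRUSTED_ROOTS:
        raise ValueError(f"untrusted root {root_name!r}")
    for segment in segments:
        # Underscore-prefixed names (__class__, __base__, __subclasses__,
        # __globals__, ...) are the usual pivot from a benign object to an
        # arbitrary one, so they are refused outright.
        if not segment.isidentifier() or segment.startswith("_"):
            raise ValueError(f"refused segment {segment!r} in {path!r}")
    if path not in ALLOWED_PATHS:
        raise ValueError(f"{path!r} is not an allowlisted path")
    obj = TRUSTED_ROOTS[root_name]
    for segment in segments:
        obj = getattr(obj, segment)
    return obj


def is_rejected(path: str) -> bool:
    """True if the hardened resolver refuses `path`."""
    try:
        resolve_checked(path)
    except ValueError:
        return True
    return False


def classes_exposed_by(path: str) -> int:
    """Count the classes the unchecked resolver hands to a file author by
    walking to object.__subclasses__ and calling the resulting bound method,
    which is the kind of step a method-calling node performs at load time."""
    bound_method = resolve_unchecked(path)
    return len(bound_method())


def skops_version_is_fixed(version: str) -> bool:
    """True if an installed skops version string is at or above 0.12.0."""
    numbers = []
    for part in version.split(".")[:3]:
        match = re.match(r"\d+", part)
        numbers.append(int(match.group()) if match else 0)
    while len(numbers) < 3:
        numbers.append(0)
    return tuple(numbers) >= FIXED_SKOPS_VERSION


if __name__ == "__main__":
    print("str.__class__ via unchecked resolver:", resolve_unchecked("str.__class__"))
    print("classes reachable:", classes_exposed_by("str.__base__.__subclasses__"))
    print("hardened resolver refuses str.__class__:", is_rejected("str.__class__"))
    print("skops 0.11.0 fixed?", skops_version_is_fixed("0.11.0"))
```

The unchecked resolver turns the harmless root `str` into `type`, `object` and a callable that enumerates every class in the process, which is why validating only the root (or only the trusted types list) is not a boundary. On real skops files the practitioner check is to upgrade to 0.12.0 or later, pass an explicit list of types to `skops.io.load(..., trusted=[...])` rather than trusting everything, and inspect `skops.io.get_untrusted_types(file=...)` before loading anything received from outside.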

