PYSEC-2026-1889

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/sagemaker/PYSEC-2026-1889.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2026-1889
Aliases
Published
2026-07-07T11:45:41.143266Z
Modified
2026-07-07T17:47:49.307021334Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
sagemaker-python-sdk vulnerable to Deserialization of Untrusted Data
Details

Impact

sagemaker.base_deserializers.NumpyDeserializer module before v2.218.0 allows potentially unsafe deserialization when untrusted data is passed as pickled object arrays. This consequently may allow an unprivileged third party to cause remote code execution, denial of service, affecting both confidentiality and integrity.

Impacted versions: <2.218.0.

Credit

We would like to thank HiddenLayer for collaborating on this issue through the coordinated vulnerability disclosure process.

Workarounds

Do not pass pickled numpy object arrays which originated from an untrusted source, or that could have been tampered with. Only pass pickled numpy object arrays from sources you trust.

References

If you have any questions or comments about this advisory we ask that you contact AWS/Amazon Security via our vulnerability reporting page [1] or directly via email to aws-security@amazon.com. Please do not create a public GitHub issue. [1] Vulnerability reporting page: https://aws.amazon.com/security/vulnerability-reporting

Fixed by: https://github.com/aws/sagemaker-python-sdk/pull/4557

References

Affected packages

PyPI / sagemaker

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.218.0

Affected versions

1.*
1.0.0
1.0.1
1.0.2
1.1.0
1.1.1
1.1.2
1.1.3
1.2.0
1.2.1
1.2.2
1.2.3
1.2.4
1.2.5
1.3.0
1.4.0
1.4.1
1.4.2
1.5.0
1.5.1
1.5.2
1.5.3
1.5.4
1.6.0
1.6.1
1.7.0
1.7.1
1.7.2
1.8.0
1.9.0
1.9.1
1.9.2
1.9.3
1.9.3.1
1.10.0
1.10.1
1.11.0
1.11.1
1.11.2
1.11.3
1.12.0
1.13.0
1.14.0
1.14.1
1.14.2
1.15.0
1.15.1
1.15.2
1.16.1
1.16.1.post1
1.16.2
1.16.3
1.17.0
1.17.1
1.17.2
1.18.0
1.18.1
1.18.2
1.18.3
1.18.3.post1
1.18.4
1.18.5
1.18.6.post0
1.18.7
1.18.8
1.18.9
1.18.9.post0
1.18.9.post1
1.18.10
1.18.11
1.18.12
1.18.13
1.18.14
1.18.14.post0
1.18.14.post1
1.18.15
1.18.16
1.18.17
1.18.18
1.18.19
1.19.0
1.19.1
1.20.0
1.20.1
1.20.2
1.20.3
1.21.0
1.21.1
1.21.2
1.22.0
1.23.0
1.24.0
1.25.0
1.25.1
1.26.0
1.27.0
1.28.0
1.28.1
1.28.2
1.28.3
1.29.0
1.30.0
1.31.0
1.31.1
1.32.0
1.32.1
1.32.2
1.33.0
1.34.0
1.34.1
1.34.2
1.34.3
1.35.0
1.35.1
1.36.0
1.36.1
1.36.2
1.36.3
1.36.4
1.37.0
1.37.1
1.37.2
1.38.0
1.38.1
1.38.2
1.38.3
1.38.4
1.38.5
1.38.6
1.39.0
1.39.1
1.39.2
1.39.3
1.39.4
1.40.0
1.40.1
1.40.2
1.41.0
1.42.0
1.42.1
1.42.2
1.42.3
1.42.4
1.42.5
1.42.6
1.42.6.post0
1.42.7
1.42.8
1.42.9
1.43.0
1.43.1
1.43.2
1.43.3
1.43.4
1.43.4.post0
1.43.4.post1
1.43.5
1.44.0
1.44.1
1.44.2
1.44.3
1.44.4
1.45.0
1.45.1
1.45.2
1.46.0
1.47.1
1.48.0
1.48.1
1.49.0
1.50.0
1.50.1
1.50.2
1.50.3
1.50.4
1.50.5
1.50.6
1.50.6.post0
1.50.7
1.50.8
1.50.9
1.50.9.post0
1.50.10
1.50.10.post0
1.50.11
1.50.12
1.50.13
1.50.14
1.50.14.post0
1.50.15
1.50.16
1.50.17
1.50.17.post0
1.50.18
1.50.18.post0
1.51.0
1.51.1
1.51.2
1.51.3
1.51.4
1.52.0
1.52.0.post0
1.52.1
1.53.0
1.54.0
1.55.0
1.55.0.post0
1.55.1
1.55.2
1.55.3
1.55.4
1.56.0
1.56.1
1.56.1.post0
1.56.1.post1
1.56.2
1.56.3
1.57.0
1.58.0
1.58.1
1.58.2
1.58.2.post0
1.58.3
1.58.4
1.59.0
1.60.0
1.60.0.post0
1.60.1
1.60.2
1.61.0
1.62.0
1.63.0
1.64.0
1.64.1
1.65.0
1.65.1
1.65.1.post0
1.65.1.post1
1.66.0
1.67.0
1.67.1
1.67.1.post0
1.68.0
1.69.0
1.70.0
1.70.1
1.70.2
1.71.0
1.71.1
1.72.0
1.72.1
2.*
2.0.0
2.0.1
2.1.0
2.2.0
2.3.0
2.4.0
2.4.1
2.4.2
2.5.0
2.5.1
2.5.2
2.5.3
2.5.4
2.5.5
2.6.0
2.7.0
2.8.0
2.9.0
2.9.1
2.9.2
2.10.0
2.11.0
2.12.0
2.13.0
2.14.0
2.15.0
2.15.1
2.15.2
2.15.3
2.15.4
2.16.0
2.16.0.post0
2.16.1
2.16.2
2.16.3
2.16.3.post0
2.16.4
2.17.0
2.18.0
2.19.0
2.20.0
2.21.0
2.22.0
2.23.0
2.23.1
2.23.2
2.23.3
2.23.4
2.23.4.post0
2.23.5
2.23.6
2.24.0
2.24.1
2.24.2
2.24.3
2.24.4
2.24.5
2.25.0
2.25.1
2.25.2
2.26.0
2.27.0
2.27.1
2.28.0
2.29.0
2.29.1
2.29.2
2.30.0
2.31.0
2.31.1
2.32.0
2.32.1
2.33.0
2.34.0
2.35.0
2.36.0
2.37.0
2.38.0
2.39.0
2.39.0.post0
2.39.1
2.40.0
2.41.0
2.42.0
2.42.1
2.43.0
2.44.0
2.45.0
2.46.0
2.46.1
2.47.0
2.47.1
2.47.2
2.47.2.post0
2.48.0
2.48.1
2.48.2
2.49.0
2.49.1
2.49.2
2.50.0
2.50.1
2.51.0
2.52.0
2.52.1
2.52.2
2.52.2.post0
2.53.0
2.54.0
2.54.1.dev0
2.55.0
2.56.0
2.57.0
2.58.0
2.59.0
2.59.1
2.59.1.post0
2.59.2
2.59.3
2.59.3.post0
2.59.4
2.59.5
2.59.6
2.59.7
2.59.8
2.60.0
2.61.0
2.62.0
2.63.0
2.63.1
2.63.2
2.64.0
2.65.0
2.66.0
2.66.1
2.66.2
2.66.2.post0
2.67.0
2.68.0
2.69.0
2.70.0
2.71.0
2.72.0
2.72.1
2.72.2
2.72.3
2.73.0
2.74.0
2.75.0
2.75.1
2.76.0
2.77.0
2.77.1
2.78.0
2.79.0
2.80.0
2.81.0
2.81.1
2.82.0
2.82.1
2.82.2
2.83.0
2.84.0
2.85.0
2.86.0
2.86.1
2.86.2
2.87.0
2.88.0
2.88.1
2.88.2
2.88.3
2.89.0
2.90.0
2.91.0
2.91.1
2.92.0
2.92.1
2.92.2
2.93.0
2.93.1
2.94.0
2.95.0
2.96.0
2.97.0
2.98.0
2.99.0
2.100.0
2.101.1
2.102.0
2.103.0
2.104.0
2.105.0
2.106.0
2.107.0
2.108.0
2.109.0
2.110.0
2.111.0
2.112.0
2.112.1
2.112.2
2.113.0
2.114.0
2.115.0
2.116.0
2.117.0
2.118.0
2.119.0
2.120.0
2.121.0
2.121.1
2.121.2
2.122.0
2.122.1.dev0
2.123.0
2.124.0
2.125.0
2.126.0
2.127.0
2.128.0
2.129.0
2.130.0
2.131.0
2.131.1
2.132.0
2.133.0
2.134.0
2.134.1
2.135.0
2.135.1
2.135.1.post0
2.136.0
2.137.0
2.138.0
2.139.0
2.140.0
2.140.1
2.141.0
2.142.0
2.143.0
2.144.0
2.145.0
2.146.0
2.146.1
2.147.0
2.148.0
2.149.0
2.150.0
2.151.0
2.152.0
2.153.0
2.154.0
2.155.0
2.156.0
2.157.0
2.158.0
2.159.0
2.160.0
2.161.0
2.162.0
2.163.0
2.164.0
2.165.0
2.166.0
2.167.0
2.168.0
2.169.0
2.170.0
2.171.0
2.172.0
2.173.0
2.174.0
2.175.0
2.176.0
2.177.0
2.177.1
2.178.0
2.179.0
2.180.0
2.181.0
2.182.0
2.183.0
2.184.0
2.184.0.post0
2.185.0
2.186.0
2.187.0
2.188.0
2.189.0
2.190.0
2.191.0
2.192.0
2.192.1
2.193.0
2.194.0
2.195.0
2.195.1
2.196.0
2.197.0
2.197.1
2.198.0
2.198.1
2.199.0
2.200.0
2.200.1
2.201.0
2.202.0
2.202.1
2.203.0
2.203.1
2.204.0
2.205.0
2.206.0
2.207.0
2.207.1
2.208.0
2.209.0
2.210.0
2.211.0
2.212.0
2.213.0
2.214.0
2.214.1
2.214.2
2.214.3
2.215.0
2.216.0
2.216.1
2.217.0

Database specific

source
"https://github.com/pypa/advisory-database/blob/main/vulns/sagemaker/PYSEC-2026-1889.yaml"