Amazon Sockeye
By the Year
In 2024 there have been 0 vulnerabilities in Amazon Sockeye . Sockeye did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 7.80 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Sockeye vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Amazon Sockeye Security Vulnerabilities
Sockeye is an open-source sequence-to-sequence framework for Neural Machine Translation built on PyTorch
CVE-2021-43811
7.8 - High
- December 08, 2021
Sockeye is an open-source sequence-to-sequence framework for Neural Machine Translation built on PyTorch. Sockeye uses YAML to store model and data configurations on disk. Versions below 2.3.24 use unsafe YAML loading, which can be made to execute arbitrary code embedded in config files. An attacker can add malicious code to the config file of a trained model and attempt to convince users to download and run it. If users run the model, the embedded code will run locally. The issue is fixed in version 2.3.24.
Code Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Amazon Sockeye or by Amazon? Click the Watch button to subscribe.
