CVE-2026-1778 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Amazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables TLS certificate verification for HTTPS connections made by the service when a Triton Python model…
High CVSS: 8.2

CVE-2026-1778

Amazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables TLS certificate verification for HTTPS connections made by the service when a Triton Python model is imported, incorrectly allowing for requests with invalid and self-signed certificates to succeed.
Vendor
-
Product
-
CWE
CWE-295
Yayın Tarihi
2026-02-02 23:16:04
Güncelleme
2026-02-03 16:44:03
Source Identifier
ff89ba41-3aa1-4d27-914a-91399e9639e5
KEV Date Added
-

Kategoriler

CWE-295 HIGH 2026

Referanslar

https://aws.amazon.com/security/security-bulletins/2026-004-AWS/ https://github.com/aws/sagemaker-python-sdk/releases/tag/v2.256.0 https://github.com/aws/sagemaker-python-sdk/releases/tag/v3.1.1 https://github.com/aws/sagemaker-python-sdk/security/advisories/GHSA-62rc-f4v9-h543