Critical severity9.8NVD Advisory· Published Mar 20, 2025· Updated Apr 15, 2026
CVE-2024-12044
CVE-2024-12044
Description
A remote code execution vulnerability exists in open-mmlab/mmdetection version v3.3.0. The vulnerability is due to the use of the pickle.loads() function in the all_reduce_dict() distributed training API without proper sanitization. This allows an attacker to execute arbitrary code by broadcasting a malicious payload to the distributed training network.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 3.3.0+ 1 more
- (no CPE)range: = 3.3.0
- (no CPE)range: =3.3.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.