According to Protect AI, which oversees Huntr, these problems have been found in programmes that receive hundreds of thousands or even millions of downloads each month, such as H2O-3, MLflow, and Ray, and they could affect the entire AI/ML supply chain. H2O-3 is a low-code machine learning platform that facilitates the building and deployment of machine learning models through an online interface, simply by inputting data. Users can utilise API calls to upload Java objects remotely.
Since the installation is exposed to the public by default and does not require authentication, attackers can supply malicious Java objects for H2O-3 to execute, giving them access to the underlying operating system.