Lucene search
@huntrdevCVE-2023-1176HistoryMar 24, 2023 - 3:15 p.m.
CVE-2023-1176
2023-03-2415:15:10
CWE-36
@huntrdev
web.nvd.nist.gov
51
cve
2023
1176
absolute path traversal
github
repository
mlflow
nvd
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
4
Confidence
High
EPSS
0
Percentile
9.0%
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2.
Affected configurations
Node
lfprojectsmlflowRange<2.2.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| lfprojects | mlflow | * | cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "mlflow",
"product": "mlflow/mlflow",
"versions": [
{
"version": "unspecified",
"lessThan": "2.2.2",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
osv
osv
CVE-2023-1176
2023-03-24 15:15:10
BIT-mlflow-2023-1176
2024-03-06 10:59:27
prion
prion
Path traversal
2023-03-24 15:15:00
veracode
veracode
Path Traversal
2023-03-29 08:07:17
cvelist
cvelist
CVE-2023-1176 Absolute Path Traversal in mlflow/mlflow
2023-03-24 00:00:00
github
github
huntr
huntr
Blind LFI in register-model/get?name=
2023-03-03 22:14:07
nvd
nvd
CVE-2023-1176
2023-03-24 15:15:10
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
4
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2023-1176