Lucene search
HistoryMar 24, 2023 - 3:15 p.m.
CVE-2023-1176
cve-2023-1176
github repository
mlflow
prior to 2.2.2
absolute path traversal
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
4.4
Confidence
High
EPSS
0
Percentile
9.0%
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2.
Affected configurations
Node
lfprojectsmlflowRange<2.2.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| lfprojects | mlflow | * | cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:* |
Related
osv
osv
CVE-2023-1176
2023-03-24 15:15:10
BIT-mlflow-2023-1176
2024-03-06 10:59:27
prion
prion
Path traversal
2023-03-24 15:15:00
veracode
veracode
Path Traversal
2023-03-29 08:07:17
cvelist
cvelist
CVE-2023-1176 Absolute Path Traversal in mlflow/mlflow
2023-03-24 00:00:00
github
github
huntr
huntr
Blind LFI in register-model/get?name=
2023-03-03 22:14:07
cve
cve
CVE-2023-1176
2023-03-24 15:15:10
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
4.4
Confidence
High
EPSS
0
Percentile
9.0%
Related for NVD:CVE-2023-1176