Lucene search
HistoryDec 18, 2023 - 4:15 a.m.
CVE-2023-6909
github repository
path traversal
mlflow
cve-2023-6909
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.005 Low
EPSS
Percentile
76.3%
Path Traversal: ‘..\filename’ in GitHub repository mlflow/mlflow prior to 2.9.2.
Affected configurations
Node
lfprojectsmlflowRange<2.9.2
Related
cve
cve
github
github
MLflow Path Traversal Vulnerability
2023-12-20 06:30:25
mlflow vulnerable to Path Traversal
2024-04-16 00:30:33
MLflow has a Local File Read/Path Traversal bypass
2024-05-16 09:33:08
osv
osv
CVE-2023-6909
2023-12-18 04:15:52
MLflow Path Traversal Vulnerability
2023-12-20 06:30:25
PYSEC-2023-252
2023-12-18 04:15:00
prion
prion
Path traversal
2023-12-18 04:15:00
veracode
veracode
Directory Traversal
2023-12-19 08:40:14
cvelist
cvelist
CVE-2023-6909 Path Traversal: '\..\filename' in mlflow/mlflow
2023-12-18 00:00:31
CVE-2024-1594 Local File Read via Path Traversal in mlflow/mlflow
2024-04-16 00:00:14
CVE-2024-3848 Path Traversal Bypass in mlflow/mlflow
2024-05-16 09:03:47
nuclei
nuclei
Mlflow <2.9.2 - Path Traversal
2024-02-02 10:20:55
nvd
nvd
CVE-2024-1594
2024-04-16 00:15:09
CVE-2024-3848
2024-05-16 09:15:14
vulnrichment
vulnrichment
CVE-2024-1594 Local File Read via Path Traversal in mlflow/mlflow
2024-04-16 00:00:14
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.005 Low
EPSS
Percentile
76.3%
Related for NVD:CVE-2023-6909