Lucene search
GoogleOSV:BIT-MLFLOW-2023-1176HistoryMar 06, 2024 - 10:59 a.m.
BIT-mlflow-2023-1176
2024-03-0610:59:27
Google
osv.dev
10
github repository
mlflow
absolute path traversal
software
security vulnerability
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
6.7
Confidence
High
EPSS
0
Percentile
9.0%
Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.2.2.
Related
osv
osv
CVE-2023-1176
2023-03-24 15:15:10
Remote file existence check vulnerability in `mlflow server` and `mlflow ui` CLIs
2023-03-24 22:01:15
PYSEC-2023-28
2023-03-24 15:15:00
veracode
veracode
Path Traversal
2023-03-29 08:07:17
prion
prion
Path traversal
2023-03-24 15:15:00
cvelist
cvelist
CVE-2023-1176 Absolute Path Traversal in mlflow/mlflow
2023-03-24 00:00:00
github
github
huntr
huntr
Blind LFI in register-model/get?name=
2023-03-03 22:14:07
nvd
nvd
CVE-2023-1176
2023-03-24 15:15:10
cve
cve
CVE-2023-1176
2023-03-24 15:15:10
CVSS3
3.3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
6.7
Confidence
High
EPSS
0
Percentile
9.0%
Related for OSV:BIT-MLFLOW-2023-1176