Lucene search
GoogleOSV:PYSEC-2023-252HistoryDec 18, 2023 - 4:15 a.m.
PYSEC-2023-252
2023-12-1804:15:00
Google
osv.dev
7
path traversal
github repository
security vulnerability
mlflow/mlflow
software
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.005 Low
EPSS
Percentile
76.3%
Path Traversal: ‘..\filename’ in GitHub repository mlflow/mlflow prior to 2.9.2.
Related
cve
cve
github
github
MLflow Path Traversal Vulnerability
2023-12-20 06:30:25
mlflow vulnerable to Path Traversal
2024-04-16 00:30:33
MLflow has a Local File Read/Path Traversal bypass
2024-05-16 09:33:08
osv
osv
CVE-2023-6909
2023-12-18 04:15:52
MLflow Path Traversal Vulnerability
2023-12-20 06:30:25
BIT-mlflow-2023-6909
2024-03-06 10:56:59
prion
prion
Path traversal
2023-12-18 04:15:00
nvd
nvd
veracode
veracode
Directory Traversal
2023-12-19 08:40:14
cvelist
cvelist
CVE-2023-6909 Path Traversal: '\..\filename' in mlflow/mlflow
2023-12-18 00:00:31
CVE-2024-1594 Local File Read via Path Traversal in mlflow/mlflow
2024-04-16 00:00:14
CVE-2024-3848 Path Traversal Bypass in mlflow/mlflow
2024-05-16 09:03:47
nuclei
nuclei
Mlflow <2.9.2 - Path Traversal
2024-02-02 10:20:55
vulnrichment
vulnrichment
CVE-2024-1594 Local File Read via Path Traversal in mlflow/mlflow
2024-04-16 00:00:14
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.005 Low
EPSS
Percentile
76.3%
Related for OSV:PYSEC-2023-252