3 matches found
CVE-2024-27132
creationtimestamp| type| source ---|---|--- 2024-02-23 23:26:27+00:00| seen| https://t.me/ctinow/192293 2024-02-23 23:32:13+00:00| seen| https://t.me/ctinow/192305 2024-12-06 18:30:05+00:00| seen| https://t.me/truesecator/6517...
CVE-2024-27132
MLflow suffers from insufficient sanitization of template variables, enabling XSS when loading an untrusted recipe and potentially enabling client-side RCE in Jupyter Notebook. The root cause is lack of input sanitization in rendering templates. Public details about affected versions or patches a...
CVE-2024-27132 Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe.
Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over template variables...