3 matches found
cde (=0.2.0.1), env-wrappers (>=0.1.1 <=0.1.22) +1 more potentially affected by CVE-2025-10951 via ml-logger (=0.10.36)
ml-logger PYPI version =0.10.36 is affected by a known vulnerability. The following packages have a transitive dependency on ml-logger and may be impacted: - cde =0.2.0.1 - env-wrappers =0.1.1, =0.1.22 - graph-search =0.1.0 Source cves: CVE-2025-10951 Source advisory: SNYK:PYTHON-MLLOGGER-1311002...
CVE-2025-10951
A vulnerability was identified in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this vulnerability is the function loghandler of the file mllogger/server.py. Such manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely...
CVE-2025-10951 geyang ml-logger server.py log_handler path traversal
A vulnerability was identified in geyang ml-logger up to acf255bade5be6ad88d90735c8367b28cbe3a743. Affected by this vulnerability is the function loghandler of the file mllogger/server.py. Such manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely...