8 matches found
CVE-2023-2780
Path Traversal: '\..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1...
CVE-2023-2780
creationtimestamp| type| source ---|---|--- 2023-05-18 00:36:37+00:00| seen| https://t.me/cibsecurity/64355...
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +322 more potentially affected by CVE-2023-2780 via mlflow (>=0.8.2 <=2.2.2)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2023-2780 Source advisory: OSV:GHSA-WJQ3-7JXX-WHJ9...
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +322 more potentially affected by CVE-2023-2780 via mlflow (>=0.8.2 <=2.3.0)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2023-2780 Source advisory: OSV:PYSEC-2023-69...
CVE-2023-2780 Path Traversal: '\..\filename' in mlflow/mlflow
Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1...
CVE-2023-2780 Path Traversal: '\..\filename' in mlflow/mlflow
Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1...
CVE-2023-2780
CVE-2023-2780 affects the open-source project mlflow/mlflow prior to version 2.3.1. A path traversal flaw, described as a Local File Inclusion bypass via the payload "..\filename", can allow an attacker to read local files on the server. The Nuclei/NVD entries consistently reference this vulnerab...
CVE-2023-2780 Path Traversal: '\..\filename' in mlflow/mlflow
Path Traversal: '..\filename' in GitHub repository mlflow/mlflow prior to 2.3.1...