3 matches found
Mlflow Path Traversal Vulnerability
Mlflow is an open source platform for the machine learning lifecycle. Mlflow suffers from a path traversal vulnerability that stems from improper handling of URL parameters. An attacker can use this vulnerability to gain access to a file or directory...
CVE-2024-1560 Path Traversal Vulnerability in mlflow/mlflow
A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the deleteartifactmlflowartifacts handler and localfileuritopath function, allowing for...
GHSA-HH8P-P8MP-GQHM MLFlow Path Traversal Vulnerability
A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information...