3 matches found
MLFlow Security Vulnerability
Mlflow is an open source platform for the machine learning lifecycle. A security vulnerability exists in MLFlow version 2.8.1 and prior versions. A remote attacker exploited the vulnerability to obtain sensitive information via a specially crafted REST API request...
Restlet Framework allows remote attackers to access arbitrary files via a crafted REST API HTTP request
Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, because only general external entities not parameter external entities are properly considered. This is related to XmlRepresentation, DOMRepresentatio...
CVE-2014-7814
SQL injection vulnerability in Red Hat CloudForms 3.1 Management Engine CFME 5.3 allows remote authenticated users to execute arbitrary SQL commands via a crafted REST API request to an SQL filter...