4 matches found
a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +344 more potentially affected by CVE-2024-1593 via mlflow (>=0.8.2 <=2.9.2)
mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 and more Source cves: CVE-2024-1593 Source advisory: OSV:GHSA-F42M-MVFV-CGW5...
CVE-2024-1593 Path Traversal via Parameter Smuggling in mlflow/mlflow
A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. Th...
CVE-2024-1593 Path Traversal via Parameter Smuggling in mlflow/mlflow
A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. Th...
CVE-2024-1593
This CVE describes a path traversal vulnerability in the mlflow/mlflow repository caused by improper handling of URL parameters. Attackers can smuggle path traversal sequences using the ';' character in URLs to manipulate the 'params' portion and access unauthorized files or directories. The repo...